Security Engineer

Summary

Join GuidePoint Security as a Security Engineer and contribute to the success of a rapidly growing cybersecurity firm. You will leverage your expertise in SIEM/SOAR solutions to design, implement, and troubleshoot security systems for major organizations. This role demands proficiency in log ingestion, threat detection, and dashboard development across various platforms. You will need strong scripting and development skills, along with experience in operating systems and networking. GuidePoint offers a remote-first work environment, comprehensive health insurance, paid time off, and other attractive benefits.

Requirements

• Have 1-2 years of architecture, implementation, and troubleshooting experience with one or more SIEM/SOAR solutions
• Possess proficiency in developing log ingestion and aggregation strategies
• Have expertise in developing security-focused content for one or more SIEM platforms (Splunk ES, Crowdstrike NG-SIEM, Elastic Security, Palo Alto XSIAM, Google SecOps, Microsoft Sentinel, SentinelOne AI SIEM), including creation of complex threat detection logic and operational dashboards
• Have expertise with SOAR platforms (Splunk SOAR, Palo Alto XSOAR, Tines, Torq)
• Possess familiarity with key security events on common IT platforms
• Have deep proficiency in client and server operating systems including Windows, Mac, and Linux
• Possess general networking and security troubleshooting skills (firewalls, routing, NAT, etc.)
• Have scripting and development skills (BASH, Perl, Python or Java) with strong knowledge of regular expressions
• Have the ability to autonomously prioritize and successfully deliver across a portfolio of projects

Responsibilities

• Develop log ingestion and aggregation strategies
• Develop security-focused content for one or more SIEM platforms (Splunk ES, Crowdstrike NG-SIEM, Elastic Security, Palo Alto XSIAM, Google SecOps, Microsoft Sentinel, SentinelOne AI SIEM), including creation of complex threat detection logic and operational dashboards
• Work with SOAR platforms (Splunk SOAR, Palo Alto XSOAR, Tines, Torq)
• Troubleshoot key security events on common IT platforms
• Troubleshoot client and server operating systems including Windows, Mac, and Linux
• Troubleshoot general networking and security (firewalls, routing, NAT, etc.)
• Utilize scripting and development skills (BASH, Perl, Python or Java) with strong knowledge of regular expressions
• Prioritize and deliver across a portfolio of projects autonomously

Preferred Qualifications

• Have experience with platforms such as Ansible, Puppet, Chef, Terraform and SaltStack
• Have experience with other Information Security solutions including CrowdStrike, SentinelOne, ZScaler, Palo Alto Networks, Check Point, Microsoft Defender products, Carbon Black, Splunk, and/or Cisco
• Have experience authoring security runbooks, policy, and best practice documentation
• Have a Bachelor’s degree in a relevant discipline or equivalent professional experience

Benefits

• Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
• Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family) and GPS will contribute in one lump sum: ($500 per EE annually / $1000 per family annually (includes spouse/children/family options)
• Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
• 12 corporate holidays and a Flexible Time Off (FTO) program
• Healthy mobile phone and home internet allowance
• Eligibility for retirement plan after 2 months at open enrollment
• Pet Benefit Option