Security Engineer

Summary

Join GuidePoint Security, a rapidly growing cybersecurity firm, as a Security Engineer. You will leverage your SIEM/SOAR expertise to design, implement, and troubleshoot security solutions for our Fortune 500 and government clients. This role requires 1-2 years of experience with SIEM/SOAR platforms, proficiency in log ingestion, and strong scripting skills. You will develop security content, threat detection logic, and dashboards. GuidePoint offers a remote-first work environment, excellent benefits including fully paid medical and dental premiums, flexible time off, and a retirement plan.

Requirements

• 1-2 years of architecture, implementation, and troubleshooting experience with one or more SIEM/SOAR solutions
• Proficiency in developing log ingestion and aggregation strategies
• Expertise in developing security-focused content for one or more SIEM platforms (Splunk ES, Crowdstrike NG-SIEM, Elastic Security, Palo Alto XSIAM, Google SecOps, Microsoft Sentinel, SentinelOne AI SIEM), including creation of complex threat detection logic and operational dashboards
• Expertise with SOAR platforms (Splunk SOAR, Palo Alto XSOAR, Tines, Torq)
• Familiarity with key security events on common IT platforms
• Deep proficiency in client and server operating systems including Windows, Mac, and Linux
• General networking and security troubleshooting skills (firewalls, routing, NAT, etc.)
• Scripting and development skills (BASH, Perl, Python or Java) with strong knowledge of regular expressions
• Ability to autonomously prioritize and successfully deliver across a portfolio of projects

Responsibilities

• Develop log ingestion and aggregation strategies
• Develop security-focused content for one or more SIEM platforms (Splunk ES, Crowdstrike NG-SIEM, Elastic Security, Palo Alto XSIAM, Google SecOps, Microsoft Sentinel, SentinelOne AI SIEM), including creation of complex threat detection logic and operational dashboards
• Troubleshoot security issues related to SIEM/SOAR solutions
• Work with SOAR platforms (Splunk SOAR, Palo Alto XSOAR, Tines, Torq)
• Demonstrate familiarity with key security events on common IT platforms
• Troubleshoot networking and security issues (firewalls, routing, NAT, etc.)
• Utilize scripting and development skills (BASH, Perl, Python or Java) with strong knowledge of regular expressions
• Prioritize and deliver across a portfolio of projects autonomously

Preferred Qualifications

• Experience with platforms such as Ansible, Puppet, Chef, Terraform and SaltStack
• Experience with other Information Security solutions including CrowdStrike, SentinelOne, ZScaler, Palo Alto Networks, Check Point, Microsoft Defender products, Carbon Black, Splunk, and/or Cisco
• Experience authoring security runbooks, policy, and best practice documentation
• Bachelor’s degree in a relevant discipline or equivalent professional experience

Benefits

• Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
• 100% employer-paid medical premiums (employee only $0 deductible and HSA plans) along with 75% employer-paid family contributions
• 100% employer-paid dental premiums (employee only) along with 75% employer-paid family contributions
• 12 corporate holidays and a Flexible Time Off (FTO) program
• Healthy mobile phone and home internet allowance
• Eligibility for retirement plan after 2 months at open enrollment
• Pet Benefit Option