Security Engineer

Summary

Join Thrive, a rapidly growing technology solutions provider, as a Security Engineer specializing in Microsoft Sentinel and Defender XDR. You will play a key role in enhancing our cybersecurity framework by integrating and utilizing these security tools. Responsibilities include designing and optimizing SIEM rules, deploying SOAR tools, ensuring robust API security, and creating client reports. You will analyze security data, develop dashboards, and participate in client meetings. This position requires a strong background in SIEM, EDR, and SOAR, along with excellent communication skills. If you are detail-oriented and passionate about cybersecurity, this is the ideal opportunity for you.

Requirements

• Proven experience with Microsoft Sentinel and Defender XDR products
• Strong background in SIEM rule design and optimization
• Extensive experience in implementing and overseeing Endpoint Detection and Response (EDR) solutions
• Experience with SOAR tools and automated security response implementations
• Familiarity with API security protocols and measures
• Ability to analyze large amounts of data from various sources to solve complex problems and make informed decisions
• Proficiency in developing and automating client-facing reports
• Excellent communication skills for both technical and non-technical audiences
• Demonstrated understanding of cybersecurity threats and incident response procedures
• Knowledge of risk assessment tools, technologies, and methods
• Expertise in computer networking and security
• Passion for cybersecurity and continuous learning
• Must be able to work effectively in a team environment and collaborate within the team and with other stakeholders

Responsibilities

• Lead the management of Microsoft Sentinel and Defender XDR products, including their integration with existing tools, utilizing them to elevate existing Security Operations
• Design and optimize SIEM (Security Information and Event Management) rules using FortiSIEM to enhance threat detection and streamline incident response activities
• Deploy and manage Endpoint Detection and Response (EDR) solutions, specifically FortiEDR, SentinelOne, and Defender for Endpoint to identify and mitigate endpoint threats effectively
• Design and implement automated security use cases and playbooks to accelerate incident response and remediation
• Assist in overseeing the implementation and management of API security measures, ensuring secure data transmission and compliance with industry-standard API security protocols
• Collaborate with clients to understand their reporting needs and requirements and customize reports accordingly
• Develop, maintain, and automate client-facing reports using our existing security tools. These reports should effectively articulate incident metrics and trends to both technical and non-technical audiences. This role also includes automating the upload of these reports to the ServiceNow client portal
• Create and maintain materials documenting our security processes, procedures, and technologies, along with the generation of automated reports for relevant stakeholders
• Provide expert guidance on alarm tuning and configuration tasks necessary for Security Service deployment to new and existing customers
• Take a proactive role in updating client Security presentations and discuss findings with our clients
• Perform comprehensive analysis of data from our SOC and SIEM to identify patterns, anomalies, and potential threats
• Design and implement client reports, dashboards, and metrics, and manage response runbooks and walkthrough documents
• Stay informed about the latest security events and techniques to enhance our operations and defense strategies
• Other duties as required