Lead Security Engineer

Posted:
7/28/2024, 5:00:00 PM

Location(s):
California, United States

Experience Level(s):
Expert or higher ⋅ Senior

Field(s):
IT & Security ⋅ Software Engineering

  • 10 or more years of progressing/in-depth IT security experience. Practical experience in a senior role within the last five years and demonstrated ability to carry out the job functions effectively.

  • Proven experience and knowledge of Enterprise Security Operations, Data Engineering and Detection Engineering.

  • Knowledge of log parsers and Endpoint Detection and Response software (SentinelOne, CrowdStrike, Microsoft Defender, etc.).

  • Advanced knowledge of at least one leading SIEM platform (Splunk, Chronicle, etc.) and of SOAR platforms such as XSOAR, Siemplify, FortiSOAR, etc.

  • Familiarity with attack patterns, tactics, techniques, and procedures (TTPs) used by cyber adversaries.

  • Experience with cloud security and understanding of cloud-based threat detection strategies.

  • Basic scripting or development experience in one of the following languages: Python, PowerShell, bash, etc.

  • Experience managing lifecycle of security log sources, including onboarding, modifying, creating log parsers and decommissioning of log sources.

  • Experience with developing detections in Sigma, YARA, YARA-L, KQL, SPL.

  • Exceptional written and verbal communication skills.

Position Overview

You will play a critical role in our cyber security function to ensure enterprise and client data is secure. You will help:

  • Own and manage the lifecycle of security log sources, including onboarding, modifying, creating log parsers and decommissioning of log sources.

  • Work independently, with limited direction from the senior leaders, to perform regular tasks and resolve escalated incidents/requests in a timely manner.

  • Apply advanced expertise to quality control the internal team’s and vendors’ processes, making recommendations to the Director of Cybersecurity for operational plans and strategies that directly impact the achievement of overall functional results.

  • Collaborate with internal security analysts, threat hunting, and threat intelligence teams, along with MSSPs, to understand emerging threats and devise effective detection strategies.

  • Perform continuous monitoring and analysis of the threat landscape to update and refine detection mechanisms.

  • Work closely with the incident response team to provide actionable intelligence and improve response capabilities.

  • Validate and tune detection content to minimize false positives and ensure high accuracy and efficiency.

  • Contribute to the development and maintenance of the organization's security detection repository within the SIEM, ensuring it remains up to date with the latest threats and attack techniques.

  • Proactively identify, investigate, analyze issues and errors prior to or when they occur and log all such incidents in a timely manner. Capture all required and relevant information for immediate resolution.

  • Share such knowledge to resolve issues, document them, and pass the knowledge on to other engineers.

  • Recommend and drive the best practices and improve processes.

  • Act as emergency support contact as needed, for business-impacting issues.


Basic Qualifications

  • Bachelor’s degree in cybersecurity, a related field, or equivalent work experience.

  • Practical experience in a senior role within the last three years and demonstrated ability to carry out the functions of the job.

  • Solid grasp of, and experience applying, common frameworks used to describe cyber threat actors, actions, and capabilities (Diamond, VERIS, MITRE ATT&CK, etc.) and to share threat intelligence (STIX/TAXII).

  • In-depth knowledge in the following fields is required: cybersecurity principles used to manage risks related to the use, processing, storage, and transmission of information or data; common information technology (IT) security controls (e.g. firewalls, demilitarized zones, encryption); new and emerging information technology (IT) and cybersecurity technologies and risks; information technology (IT) supply chain and vulnerability risk best practices.

  • Advanced planning/organizational, problem-solving, analytical, consulting, time management and decision-making skills required.

  • Must be detail oriented and able to maintain a high degree of accuracy.

  • Ability to maintain confidentiality is crucial.

  • Demonstrated expert knowledge of the MITRE ATT&CK framework.

Compensation may vary depending on your location and qualifications, including job-related education, training, experience, licensure, and certification, which could result in a level outside of these ranges. Certain roles are eligible for additional rewards, including annual bonus and sales incentives, depending on the terms of the applicable plan and role as well as individual performance.

NYC generally ranges: $156,964-$196,205

CA generally ranges: $163,789-$204,736

All other locations fall under our General State range: $136,490-$170,613

Benefits may vary depending on the nature of your employment with Cloud Software Group and the country where you work. U.S. based employees are typically offered access to healthcare, life insurance and disability benefits, 401(k) plan and company match, among others. This requisition has no specific deadline for completion.

About Us:

Citrix and TIBCO recently merged to create Cloud Software Group, now one of the world’s largest cloud solution providers, serving more than 100 million users around the globe. When you join Cloud Software Group, you are making a difference for real people, each of whom counts on our suite of cloud-based products to get work done — from anywhere. Members of our team will tell you that we value diverse lived experiences, passion for technology, and the courage to take risks. Everyone is empowered to learn, dream, and build the future of work. We are on the brink of another Cambrian leap -- a moment of immense evolution and growth. And we need your expertise and experience to do it. Now is the perfect time to move your skills to the cloud.

Cloud Software Group is firmly committed to Equal Employment Opportunity (EEO) and to compliance with all federal, state and local laws that prohibit employment discrimination. All qualified applicants will receive consideration for employment without regard to age, race, color, creed, sex or gender, sexual orientation, gender identity, gender expression, ethnicity, national origin, ancestry, citizenship, religion, genetic carrier status, disability, pregnancy, childbirth or related medical conditions (including lactation status), marital status, military service, protected veteran status, political activity or affiliation, taking or requesting statutorily protected leave and other protected classifications.

If you need a reasonable accommodation due to a disability during any part of the application process, please contact us at (800) 424-8749 or email us at [email protected] for assistance.

Cloud

Website: https://cloud.com/

Headquarter Location: San Francisco, California, United States

Employee Count: 101-250

Year Founded: 2013

IPO Status: Private

Last Funding Type: Series A

Industries: Corporate Training ⋅ DevOps ⋅ EdTech ⋅ Education ⋅ Enterprise Software ⋅ Information Technology ⋅ Internet ⋅ SaaS ⋅ Trading Platform