JOB TITLE                     Security Engineer

REPORTS TO                Director - GSOC

JOB PURPOSE

The Security Engineer is responsible for all aspects of Onboarding and troubleshooting for SentinelOne & AlienVault for all IR and MDR engagements.

ROLES AND RESPONSIBILITIES

The Security Engineer provides onboarding support, S1 agent installation, troubleshooting the issues if any, sensor deployments if needed, log source onboarding in SIEM, and related activities for all active engagements. The Security Engineer supports overall implementation by providing necessary support for current matters. The Security Engineer role reports to the GSOC Director taking direction on what is needed regarding all aspects of SentinelOne and AlienVault for the engagements. The Security Engineer works with the IR Lead to support SentinelOne installations, interoperability issues, exclusions, whitelisting, and overall troubleshooting. The Security Engineer ensures that SentinelOne is deployed to a client’s environment they are fully protected by it. 

The Security Engineer is responsible for:

• Responsible for the client communication to initiate the onboarding.
• Responsible for preparing and sharing the network prerequisites & SentinelOne packages.
• The Security engineer needs to ensure all required details are in place before an activity is started.
• Responsible for all SentinelOne-related inquiries and tasks for their assigned projects.
• Good understanding of API queries
• Good understanding of scripting
• Good understanding of developing PowerShell scripts and writing batch files for ad hoc requirements
• Documents SOP and procedures related to common client inquiries related to SentinelOne deployment, support, and troubleshooting.
• Provides resolution for onboarding/performance-related issues to IR Lead or engages directly with the client.
• Provides daily reports on SentinelOne deployment status.
• Leads technical training and acclimation for clients to familiarize themselves with the S1 interface and functionalities.
• Responsible to drive all AlienVault deployments with customers.
• The Security engineer needs to understand the architecture, deploy the sensors, and prepare the log baseline for assets in scope for log collection.
• Responsible for making sure ingested logs are parsed properly and alarms are getting triggered as expected.
• Responsible for developing custom parsers for applications to onboard them to SIEM solutions.

DISCLAIMER

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be an exhaustive list of all responsibilities, duties, and skills required for personnel so classified. 

SKILLS AND KNOWLEDGE

• 5+ Years of IT security-related background
• Current or previous experience with Endpoint Detection and Response (EDR) toolsets
• SOC/CIRT team experience
• Ability to communicate in both technical and non-technical terms both oral and written
• Network Security Monitoring (NSM), network traffic analysis, and log analysis
• Penetration Testing / Vulnerability Scanning
• Static and dynamic malware analysis
• Applied knowledge in at least one scripting or development language (such as Python)
• Thorough understanding of enterprise security controls in Active Directory / Windows environments
• Experience with hands-on penetration testing against Windows, Unix, or web application targets

JOB REQUIREMENTS

• Intermediate understanding of Windows and Unix Intervals
• Novice understanding of Digital Forensics and Incident Response
• Advanced analysis techniques for reviewing large datasets
• Novice understanding of TCP/IP and OSI Model
• Advanced understanding of the Incident Response Life Cycle (Preparation, Identification, Containment, Eradication, Recovery, Lesson Learned)
• Novice understanding of the MITRE ATT&CK framework

WORK ENVIRONMENT

While performing the responsibilities of this position, the work environment characteristics listed below are representative of the environment the employee will encounter: Usual office working conditions. Reasonable accommodations may be made to enable people with disabilities to perform the essential functions of this job.

PHYSICAL DEMANDS

• No physical exertion is required.
• Travel within or outside of the state.
• Light work: Exerting up to 20 pounds of force occasionally, and/or up to 10 pounds of force as frequently as needed to move objects.

TERMS OF EMPLOYMENT

Salary and benefits shall be paid consistent with Arete's salary and benefit policy.

FLSA OVERTIME CATEGORY

Job is exempt from the overtime provisions of the Fair Labor Standards Act.

DECLARATION

The Arete Incident Response Human Resources Department retains the sole right and discretion to make changes to this job description. Any employee making changes unauthorized by the Human Resources Department will be subject to disciplinary action up to and including termination.

EQUAL EMPLOYMENT OPPORTUNITY

We’re proud to be an equal opportunity employer- and celebrate our employees’ differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status. Different makes us better. 

Arete Incident Response is an outstanding (and growing) company with a very dedicated, fun team. We offer competitive salaries, fully paid benefits including Medical/Dental, Life/Disability Insurance, 401(k) and the opportunity to work with some of the latest and greatest in the fast-growing cyber security industry.

 

 

When you join Arete…

You’ll be doing work that matters alongside other talented people, transforming the way people, businesses, and things connect with each other. Of course, we will offer you great pay and benefits, but we’re about more than that. Arete is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Arete, where experience matters.

Equal Employment Opportunity

We’re proud to be an equal opportunity employer- and celebrate our employees’ differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.