Security Engineer II: Detection Engineer

3 weeks ago


San Antonio, United States H-E-B Full time

Responsibilities:

Our Partners thrive The H-E-B Way. As a Security Engineer II: Detection Engineer you would have a

HEART FOR PEOPLE: you have a passion for mentorship and guidance, and a love for the direct person-to-person interactions that create strong bonds between teams.

HEAD FOR BUSINESS: you have an ownership mentality and a consistent track record of timely delivery of high-quality software.

PASSION FOR RESULTS: the ability to guide the discussion, remove roadblocks, and provide guardrails for your team as they identify challenges and propose solutions.

This position is responsible for developing content and maintaining the reports, alerts, correlation, and triggers for security tool sets, based on data and feedback supplied by Digital Security Operations Center (DSOC) analysts. A deep understanding of security tools is required.

When a DSOC senior analyst requires a piece of information, the system administrator will collaborate with a security engineer to perform the integration, collection, or configuration to receive those pieces of data. This role supports Cyber Fusion Center threat management, Digital Foundational Technology operations, CFC DSOC incident response & DSOC detection engineering efforts.

ROLE

  • Analyzes and investigates security alerts and helps tune and improve notables.
  • Integrates SIEM with upstream data sources by automating data ingestion.
  • Manages large data sets, including creating and organizing indexes.
  • Completes projects and tasks associated with security monitoring, detection, incident response, and security program initiatives.
  • Develops and documents standard operating procedures and best practices.
  • As a part of the Cyber Fusion Center, Threat Management & Security Engineering, this position will coordinate with other CFC DSOC team members as well as Digital Foundational Tech (infrastructure) teams to create system connections to collect logs and implement data correlations and lookup tables.
  • Develops and implements customized alerting and reporting based on DSOC analysts' requests.
  • Performs or leads orchestration and automation activities (SOAR) to integrate security tools that support DSOC processes.
  • Supports log aggregation and log retention activities, developing custom solutions when necessary.
  • Supports analytics, tuning, and maintenance of endpoint and network security sensors.
  • Works closely with other DSOC team members, threat intelligence analysts or providers, and other Digital Security teams to improve security platforms or tools for consumers of security operations and investigations.

REQUIRED

  • Minimum of two (2+) years of administering networked environments, plus development and support experience with SIEM platforms in medium to large enterprises.
  • Understanding of security issues and technologies for desktop, virtual, cloud services, and network infrastructures.
  • Must have in-depth knowledge of operating systems and IT infrastructure, while possessing a detailed technical understanding of log collection, security technologies, firewall rules, computer privileges, and databases. Basic operating system administration, knowledge of common network protocols, and overall familiarity with scripting are necessary skills to improve automation and efficiency.
  • Experience in IT systems and security policies, standards, industry trends, and techniques.
  • Experience working with hybrid cloud infrastructure.
  • Working knowledge of information systems security standards/practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling).
  • Working knowledge of Python, Golang, JavaScript, PowerShell, Perl, or *nix Shell scripting (multiple).
  • Experience with published standards, guidance, and frameworks related to information security architecture, information security controls, and practical implementation techniques in an enterprise.
  • Fundamental understanding of data and secrets security, system administration, vulnerability management, secrets management and vaulting, and platform/OS security.
  • Demonstrated high level of communication skills, both verbal and written, with a collaborative mindset.
  • Demonstrated logical and structured approach to time management and task prioritization.
  • Familiarity with Agile and other project management methodologies.
  • Ability to work well under pressure and have great organizational and interpersonal skills.

Recommended

  • A Bachelor's degree in Computer Science or Software Engineering.
  • One or more professional security certifications such as Certified Splunk Administrator, CISSP, OSCP, OSCE, GCIH, CASP, AWS Security, or equivalent.
  • Three (3) or more years' experience in Information Security, IT Risk Management, or IT Compliance.
  • Familiarity with PCI DSS, HIPAA, and other industry regulations.
  • Experience working with Splunk Enterprise Security.

PERKS?

  • A robust Benefits plan with coverage starting Day One
  • Dental, vision, life, and other insurance plans; flexible spending accounts; short term / long term disability coverage
  • Partner Care Team, for any time you have healthcare or coverage questions
  • Telehealth offers 24/7 access to board-certified doctors by phone
  • Partner Guidance allows free counselor visits
  • Funeral leave, jury duty, and military pay (subject to applicable law)
  • Maternal / paternal leave for new parents, including adoptions
  • 10% off H-E-B brand products in-store and online
  • Eligibility to participate in 401(k)

ISSEC3232
