This site uses cookies. To find out more, see our Cookies Policy

Security Product Engineer SOAR in New York at Vaco

Date Posted: 5/3/2019

Job Snapshot

Job Description

They role can be based anywhere in the NE with travel, but preference in the NYC, NJ, or CT area.

Security Product Engineer Job Description

Client is looking for a dedicated and creative customer-facing Security Product Engineer to join our team. An ideal candidate should have a deep understanding of networking technologies, corporate IT or cloud environment, and experience with Incident Response and Security Orchestration and Automation platforms.

This position is a great opportunity for someone who is seeking to solve complex cyber security problems by automating workflows and creating playbooks using Security Orchestration, Automation and Response (SOAR) platforms. Out of the box, critical thinking is essential to the success of this position and SOAR, threat intel analysis, and incident response related work experience is highly desired. Additionally, candidates must have a customer-first attitude and be comfortable interacting with a number of different stakeholders.

Responsibilities:

  • Customer Interactions - work with our customers on designing, deploying, configuring and integrating Client products in their environment and workflows.
  • Technical SME - Technical consulting to the customer throughout the product life cycle and be the primary point of contact to the customer for incident response , threat intelligence, threat hunting, security analysis related requirements and queries.
  • Product go live and deployment - Assist customer through an organized go-live process and deploy the Client solutions meeting customer requirements and delivery timeline.
  • Product Updates - Coordinate with Client's Engineering team on new product version upgrades and applying hotfixes/security patches
  • Product integrations - Coordinate with customer on product integration requirement and help integrate with Client solutions
  • Coordination and collaboration - Work with customer's Security Operations, Threat Intelligence, and Incident Response teams on developing and managing the needed orchestrations and automation workflows and playbooks
  • Troubleshooting - Track issues and problems during deployment and throughout product life and ensure closure working with Customer Support teams.
  • Recommend process improvements to ensure system scalability and reliability.
  • Act as primary customer contact for product related inquiries, issues, and feature enhancements.

Knowledge and Key skills (Required):

  • Experience with Incident Response, Threat Intelligence, and Security Orchestration and Automation Platforms
  • 2-3 years of hands-on experience with security technologies such as EDR, SIEM, Firewalls, AV, and IDS/IPS
  • 1-2 years' experience with Security Orchestration, Automation and Response (SOAR) products
  • Familiar with System administration in Windows, Linux/Unix, Windows Powershell, Ansible, SaltStack, Chef, or Puppet
  • Infrastructure Knowledge base covering Networking, Compute, Virtualization, Open stack, Storage, Load balancing, etc.
  • Knowledge of networking and network protocols (TCP/UDP, DNS, HTTP/HTTPS, SSH, FTP, etc.)
  • Experience with Application deployment and support
  • Hands-on experience working in a product integration environment. Knowledge of REST API best practices and usage is an advantage.
  • Experience with log management platforms (Splunk, Elastic search/Logstash/Kibana - ELK / Elastic Stack)
  • Experience in working with security operations center (SOC) , fusion center, and security architecture teams is a plus
  • Cloud environments and technologies (AWS, Azure, GCP)
  • Good communication skills, problem solving and analytical skills.
  • Experience in customer-facing roles

Qualification:

Bachelor's degree or higher, in Computer Science, Engineering, IT or related discipline, or equivalent professional experience

Experience:

2-5 years in security operations, SOC, SIEM, Incident Response, Automation

Certifications a Plus: OSCP, CEH, SANS/GIAC, CISSP, Sec+, CASP or similar professional certifications