United States onlySenior Security Content Engineer needed in New York, NY to assist our global customers manage their deployments and Azure cloud security solutions.
- Derive security insights through generating detection logic, automation and visualizations.
- Ideate and create client-facing detections to surface security and IT operations concerns.
- Collaborate with clients to design and implement visualizations to assist with understanding security posture, interesting events, and operations metrics.
- Test and tune detection logic to minimize false positives, alert duplication, and whitelisting.
- Identify opportunities for client-specific needs to become base content, including rules, automations, and dashboards.
- Identify opportunities for log content reduction and removal irrelevant events.
- Deliver functional value resulting from research in the form of queries, signatures, rules, and contextual information.
- Advancement of security policies, procedures, and automation.
- Serve as the technical escalation point.
- Communicate with customer IT teams to inform them of issues, help them remediate, and ensure that they continue to operate business as usual.
- Signature writing /algorithm creation. Analyze event logs and recognize signs of cyber intrusions/attacks.
- Use Microsoft Azure Sentinel, Defender ATP, O365 ATP, and other Microsoft security suites.
- Develop, automate, and orchestrate tasks with logic apps based on certain events.
- Configure Sentinel Incidents, Workbooks, Hunt queries, Notebooks.
- Advise on the Microsoft Cloud Security capabilities across the Azure platform.
- Use Kusto Query Language and scripting languages (Python, PowerShell, BASH and others).
- Digital forensic analysis (host, network, other). Use knowledge of network protocols and devices.
- Use Wireshark, TCP Dump, Security Onion, and Splunk. Use SIEM, Packet Analysis, SSL Decryption, Malware Detection, HIDS/NIDS, Network Monitoring Tools, Case Management System, Knowledge Base, Web Security Gateway, Email Security, Data Loss Prevention, Anti-Virus, Network Access Control, Encryption, Vulnerability Identification.
- Use knowledge of intrusion analysis, digital forensics, penetration testing, detection engineering. Use.Net programming, jupyter notebooks, and scripting/ development using web APIs.
Bachelor’s degree in Computer Science plus two years of experience in the job offered or a similar occupation or a HS degree plus four years of experience in the job offered or a similar occupation.
Salary: $125,500.
Send resume to: S Sharma, BlueVoyant Management LLC, 335 Madison Avenue, Suite 5G, New York, NY 10017.
BlueVoyant Candidate Privacy Notice
To understand how we secure and manage your personal data upon submitting a job application, please see our Candidate Privacy Notice, which can be found here - Candidate Privacy Notice
