Our team is seeking an experienced Security Engineer to join our Cybersecurity team. This engineer is responsible for securing cloud environments by implementing and managing security controls, detecting threats, and establishing robust logging systems to monitor and audit cloud infrastructure and data. Responsibilities include assessing risks, performing vulnerability scans, responding to incidents, developing policies, and collaborating with teams to build secure cloud-native solutions.
Responsibilities:
Be part of the architectural direction, administration, maintenance, documentation, and oversight of the security information and event management (SIEM) solution
Create and maintain integrations and solutions for log collection, aggregation, indexing, search, and alerting
Manage implementation, enhancement and adoption of the solutions built by the team into operations
Utilize the cloud-based log ingestion platform Cribl for onboarding relevant logs from all data sources
Participate in ad hoc incident response investigations
Collect and review security logs from all systems (Azure, SaaS applications, GitLab, OS, Ping, etc.)
Ensure compliance with internal policies, standards, and regulatory requirements
Work with the Cyber monitoring team and contribute to the creation of runbooks
Create and provide oversight for rule creation to generate actionable security alerts
Identify inconsistencies in logs and work with development, infrastructure, and security teams to standardize them
Assist with root cause analysis (RCA) and security incident reviews
Guarantee the availability and recoverability of the SIEM ecosystem
Deploy, configure, and manage SSPM solutions (e.g., CrowdStrike Falcon Shield, Adaptive Shield, AppOmni).
Integrate SSPM with major SaaS platforms (Microsoft 365, Salesforce, Google Workspace, Workday, etc.).
Monitor SaaS environments for misconfigurations, excessive permissions, and compliance gaps.
Develop remediation workflows and integrate with SOAR/ticketing systems
Align SSPM controls with compliance standards (ISO, SOC2, GDPR, HIPAA) based on requirements
VS&Co provides a range of compensation for this role as shown. Your actual salary will be determined by a number of factors, including: your specific skills and experience, geographic region, or other relevant factors.
Qualifications
Education & Skill
Bachelor's / Master's degree in Information Systems, Engineering, Mathematics, Computer Science, or Cyber Security, or equivalent experience
Deep technical knowledge of systems in a multi-tenant, cloud environment
Strong knowledge of networking protocols (TCP/IP, DNS, HTTP)
Familiarity with Linux and Windows server environments
Experience with cloud platforms such as AWS, Azure, or Google Cloud
Scripting skills for automation (e.g., Python, PowerShell)
Good analytical, communication, and stakeholder management skills
Ability to work effectively in a team environment and contribute to collective success
Work Experience:
5-7 years of experience in supporting log management solutions, having worked on cloud-security solutions
Experience operating CrowdStrike Falcon Shield or related technologies for securing SaaS solutions
Knowledge of data center and cloud network architectures
Familiarity with Linux and Windows server environments
Basic knowledge of incident investigation/response, including SIEM analyst experience
Practical experience building and implementing event correlation rules, logic, and content in security information and event management (SIEM) systems such as QRadar, Splunk, Sentinel, etc.
Practical experience in tuning SIEM event correlation rules and logic
Practical experience in maintaining event schema with customized security severity criteria.
Basic experience in creating scheduled and ad-hoc reporting with SIEM tools.
Detailed knowledge of SIEM technologies and event collector deployments in the Windows and Linux operating environments.