Remote Security Engineer II
At a glance
Location: US-CA-Home-Based
Posted: 11/15/2021
Closing: 12/14/2021
Degree: Not Specified
Type: Full-Time
Experience: Not Specified
Job description
Overview
Our Insurance client is seeking a Security Monitoring Engineer to assist with detecting and responding to the organization's cyber threats. This is an experienced role within our SOC where you would be using your past SOC experience to help with escalations from others on the team as well as improving our ability to efficiently detect and respond to attacks.

Location: Newport Beach, CA OR Remote (preferably local to the area)
Duration: 6 month contract to hire
Pay Terms: Up to $70/hr. by W-2
Responsibilities
  • Identify, investigate, and respond to the organization's security threats.
  • Develop and operationalize effective detection content aligned to MITRE ATT&CK framework.
  • Establish and refine repeatable playbooks and procedures allowing the team to efficiently and accurately investigate alerts.
  • Serve as an escalation point for other Security Operations team members.
  • Perform triage of service requests from customers and internal teams.
  • Mature and enhance the tools, tactics, and procedures used within the team.
  • Assist with investigations conducted by our Incident Response Team.
  • Maintain expert level knowledge of the tools and processes required by the role and serve as a capability lead in your area of expertise.
  • Maintain awareness of the current threat landscape and recommend mitigations against threats.
  • Assist in the generation of threat advisories to inform stakeholders and customers of relevant, newly emerging threats.
  • Perform log analysis across many different tools, applications and operating systems.
 Factors for Success
  • 5+ years of experience in Information Security.
  • 2+ years of experience working in a SOC.
  • Knowledge and familiarity with current industry best practices (information security policies, procedures and regulations) and tools (event management and automation) to perform cyber defense activities within the context of an Enterprise SOC.
  • Experience working within an enterprise SIEM. Splunk and Splunk Enterprise Security is preferred.
  • Ability to participate as a member of operational team, or function independently to achieve organizational objectives and project outcomes.
  • Knowledge of adversarial tactics, techniques and procedures (TTPs) and ability to share meaningful insights within the context of an organization's threat environment.
  • Relevant professional certifications such as Security+, C|EH, GCIH, CISSP and/or equivalent professional experience, education or skills.
  • Strong documentation and soft skills.
  • Growth mindset with a willingness to learn.
  • Playbook Development
  • Security Operations Center
  • SIEM
  • Use Case Development
Nice To Have

We are an equal opportunity employer and make hiring decisions based on merit. Recruitment, hiring, training, and job assignments are made without regard to race, color, national origin, age, ancestry, religion, sex, sexual orientation, gender identity, gender expression, marital status, disability, or any other protected classification. We consider all qualified applicants, including those with criminal histories, in a manner consistent with state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance.