Information Security Engineer

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Computer Science, MIS, Information Technology, or another related STEM field.
• Minimum of four years in Cybersecurity or Information Technology with hands‑on detection engineering experience, including SOC or incident response work involving analytics and automation.
• Experience with security tools such as Splunk, CrowdStrike, Sentinel, Cribl, Defender, XSOAR, or similar technologies.
• Scripting knowledge with Python, PowerShell, or Bash (preferred).
• Understanding of frameworks such as Cyber Kill Chain and MITRE ATT&CK.
• Strong problem‑solving skills with a structured and analytical approach.
• Strong written and verbal communication skills including communication with analysts, leadership, and external partners.
• Flexible, adaptable, and collaborative working style with strong relationship‑building skills.
• Willingness to travel up to 10 percent.

Responsibilities

• Engineer, implement, and continuously improve detections across SIEM, endpoint, network, and related telemetry sources to increase signal fidelity and reduce alert fatigue.
• Develop, document, and maintain standard operating procedures, runbooks, and playbooks that support incident detection, response, and escalation.
• Apply threat‑informed defense practices using frameworks such as MITRE ATT&CK to guide detection coverage, validate gaps, and enhance overall security posture.
• Tune detection logic, thresholds, correlations, and suppressions to reduce false positives and false negatives while maintaining strong visibility and coverage.
• Partner with SOC analysts and incident responders to close detection gaps identified during investigations and post‑incident reviews.
• Identify and implement automation and SOAR opportunities that improve investigation efficiency, response speed, and operational consistency.
• Maintain the operational health of security monitoring tools and telemetry pipelines, ensuring log quality, visibility, and consistent coverage across environments.
• Provide timely and accurate reporting on detection performance, trends, key metrics, and overall security activity to leadership and partners.
• Evaluate emerging security technologies, adversary tactics, and industry trends to strengthen detection and response capabilities.
• Investigate and triage security alerts, determining scope, impact, and severity while documenting case details and findings.
• Participate in the rotational SOC responder schedule, including on‑call coverage when required.

Benefits

• Health: Comprehensive healthcare plans, wellness incentive program, mental wellbeing support and fitness reimbursement
• Wealth: Great pay, bonus incentive opportunity, matching 401(k) and stock purchase plan
• Growth: Career development opportunities, employee resource groups, on-demand learning and tuition reimbursement
• Balance: Paid-time off, parental leave, flexible work-schedules (subject to your location and role) and volunteer opportunities