Security Engineer II Elastic Stack

Proficio is an award-winning managed detection and response (MDR) services provider. We provide 24/7 security monitoring, investigation, alerting and response services to organizations in healthcare, financial services, manufacturing, retail and other industries. Take a video tour of our global network of 24/7 Security Operations Centers (SOCs).

 Proficio has been highlighted in Gartner’s Market Guide for Managed Detection and Response Services for the last five consecutive years. MSSP Alert ranks Proficio among the top 250 global Managed Security Services Providers (MSSPs).

 We have a track record of innovation. Proficio invented the concept of SOC-as-a-Service. We were the first MSSP to provide automated response services and are the only company in our space with a patent for cyber risk scoring and security posture gap analysis.

 Our typical client is a medium to large-sized organization that lacks the in-house resources to address the challenges of a rapidly changing threat landscape. The difficulty of hiring and retaining cybersecurity professionals are widely understood. Our prospective clients are also challenged to effectively harness technology and build hardened processes that reduce the risk of security breaches.

 While Proficio has developed a unified service delivery platform designed to meet the needs of the most demanding clients, what sets us apart is the quality and passion of our people. We believe the SOC of the Future will meld the creativity of human intelligence with the power of advanced technologies like AI.

 Proficio’s commitment to developing and promoting our team members is unparalleled in our industry. Most of our senior managers were promoted from within.

 SUMMARY

We are seeking an energetic Security Engineer II to serve as a technical resource and leader. This position has two components and supports both our team that Onboards new customers and our MSS team that manages security devices for our customers. 

Onboarding, 60% of this role:  this part of the position centers on security and availability of customer data as it is brought into the Proficio SIEM. The Security Engineer II will assist in working with new clients as they transition to our ProSOC service. This includes ensuring timely deployment of services, developing a personalized on-boarding strategy for each customer and auditing of systems reporting from the client to our Security Operation Center. 

MSS device configuration/maintenance, 40% of this role:  this part of the position will help ensure delivery of our Elastic Stack Managed Security Services to meet or exceed the defined service levels of our clients. The Security Engineer II will respond to customer requests and act as a trusted technical resource for our clients while striving to maintain high reliability and performance within our customer’s environments. This position also includes managing and optimizing overall IT infrastructure and systems used in the delivery of our Managed Security Services.

 Responsibilities

• Assist in the onboarding and implementation of ProSOC service and Managed Security Services solutions for Proficio clients across industries and geographic locations. 
• Act as a technical liaison between Proficio and its customers during the onboarding process.
• Review technical security posture (network, application, and database) for existing and newly acquired businesses or services.
• Perform security reviews and monitoring of the production environment. 
• Perform the installation and configuration of security monitoring tools in support of our ProSOC service.
• Use out of the box thinking as well as industry standard troubleshooting tools, such as, Wireshark, TCPDUMP, and other tools, to facilitate on-boarding of customer data sources.
• Work with senior staff to evaluate client security devices and make recommendations based on industry standards for security configurations.
• Assist Proficio engineering team with tasks related to the review and development of Managed Security Services related processes and procedures.
• Assist senior staff when they provide Subject Matter Expert (SME) services, engaging directly with clients to perform necessary research, answering questions and making recommendations based on industry standards and best practices.
• Participate in engineering team on-call rotation.

Requirements

• A Bachelor’s degree in Information Systems, Business, Engineering, or a related field from an accredited institution OR equivalent experience
• 4-5+ years’ experience as a Network Engineer or Security Engineer working with a broad range of technologies
• Minimum 2+ years’ experience in Information Technology IT Security in a SOC or NOC environment working with a broad range of technologies highly preferred.
• Security certification required, such as, Security+ and Network+. Security certification such as SANS/GIAC, CISSP, CISA, CISM are a plus
• Basic Unix or Linux systems administration and command-line experience (Redhat/Linux, FreeBSD, Ubuntu, etc.).
• Experience with Windows Server security logs.
• Experience in the configuration and troubleshooting of IPSec VPN tunnels.
• Knowledge of network analysis tools, such as, Wireshark and TCPDump and SCP.

• Knowledge of UNIX and Windows environments as may pertain to Network and Security tasks including syslog, DNS, load balancers and BIND, BigIP command line on BSD, Windows Event Log.
• Hands-on experience installing, configuring and administering network and security devices, applications and systems
• General understanding of SIEM operations experience with Elasticsearch is a strong plus
• Managed Services experience preferred with a customer focused mindset that is willing to go above and beyond to satisfy a customer requirement absolutely required
• Experience performing vulnerability assessment and remediation using products such as Qualys, Nexpose or Nessus is a plus
• Proficient with Linux (scripting in Bash or Perl is required and Python is a plus)
• Vendor certifications from Palo Alto, Cisco, Juniper etc. are a plus
• Effective time task management skills.
• Strong communications skills, both written and oral
• Ability to participate in on-call rotation for after hours and weekend escalations

 At least 1 years’ experience configuring and/or using the following:

•  Security Management Systems (i.e. Tipping Point SMS, CheckPoint Security Management Server, Cisco Sourcefire Management Console, or JunosSpace)
• Firewalls (Cisco, Palo Alto, Checkpoint, Fortinet, Juniper SRX, or IPTables)
• IDS/IPS (Cisco AIP or Sourcefire, McAffee, Juniper or Tipping Point)
• Linux command line or similar operating system
• Experience with Vulnerability Management Tools
• Wireshark or other similar industry standard application
• Data Encryption using SSH, IPSEC VPN or TLS/HTTPS

Benefits

• Opportunity to work in a progressive organization with structured training and roadmap for success

• Lunches and fun employee activities!
• Experience in one of the hottest IT industries today

Proficio is an EOE employer.