Security Engineer II Elastic Stack

DESCRIPTION
Proficio is an award-winning managed detection and response (MDR) services provider. We provide 24/7 security monitoring, investigation, alerting and response services to organizations in healthcare, financial services, manufacturing, retail and other industries. Take a video tour of our global network of 24/7 Security Operations Centers (SOCs).

Proficio has been highlighted in Gartner’s Market Guide for Managed Detection and Response Services for the last five consecutive years. MSSP Alert ranks Proficio among the top 250 global Managed Security Services Providers (MSSPs).

We have a track record of innovation. Proficio invented the concept of SOC-as-a-Service. We were the first MSSP to provide automated response services and are the only company in our space with a patent for cyber risk scoring and security posture gap analysis.

Our typical client is a medium to large-sized organization that lacks the in-house resources to address the challenges of a rapidly changing threat landscape. The difficulty of hiring and retaining cybersecurity professionals are widely understood. Our prospective clients are also challenged to effectively harness technology and build hardened processes that reduce the risk of security breaches.

While Proficio has developed a unified service delivery platform designed to meet the needs of the most demanding clients, what sets us apart is the quality and passion of our people. We believe the SOC of the Future will meld the creativity of human intelligence with the power of advanced technologies like AI.

Proficio’s commitment to developing and promoting our team members is unparalleled in our industry. Most of our senior managers were promoted from within.

SUMMARY

We are seeking an Security Engineer II to serve as a technical resource and leader. This position supports both our team that Onboards new customers and our team that manages customers in Production. 

Onboarding, 50% of this role:  this part of the position centers on security and availability of customer data as it is brought into the Proficio SIEM. The Security Engineer II will assist in working with new clients as they transition to our ProSOC MDR service. This includes ensuring timely deployment of services, developing a personalized on-boarding strategy for each customer and auditing of systems reporting from the client to our Security Operation Center. 

Production Support, 50% of this role:  this part of the position will help ensure delivery of our Elastic Stack Services to meet or exceed the defined service levels of our clients. The Security Engineer II will respond to customer requests and act as a trusted technical resource for our clients while striving to maintain high reliability and performance within our customer’s environments.

Responsibilities

• Assist in the onboarding and implementation of ProSOC MDR service solutions for Proficio clients across industries and geographic locations. 
• Act as a technical liaison between Proficio and its customers during the onboarding process.
• Review technical security posture (network, application, and database) for existing and newly acquired businesses or services.
• Perform security reviews and monitoring of the production environment. 
• Perform the installation and configuration of security monitoring tools in support of our ProSOC service.
• Use out of the box thinking as well as industry standard troubleshooting tools, such as, Wireshark, TCPDUMP, and other tools, to facilitate on-boarding of customer data sources.
• Work with senior staff to evaluate client security devices and make recommendations based on industry standards for security configurations.
• Assist senior staff when they provide Subject Matter Expert (SME) services, engaging directly with clients to perform necessary research, answering questions and making recommendations based on industry standards and best practices.
• Participate in engineering team on-call rotation.

Requirements

• A bachelor’s degree in Information Systems, Business, Computer Science, or a related field from an accredited institution OR equivalent experience
• Minimum 2+ years’ experience in Information Technology, including but not limited to IT Security/Cybersecurity, Linux and/or Windows System Administration, Network Engineering, Security Engineering.
• Minimum 2+ year’s experience working with customers and/or end-users in and Information Technology setting.
• Security certification required, such as, Security+ and Network+.
• Proficient experience with Unix/Linux command-line (Redhat/CentOS, Ubuntu, Debian, etc.)
• Proficient experience with Bash or Perl scripting, or other shell scripting.

• Experience reviewing firewall and Linux/Windows server event logs for operational and security purposes (either locally, in an external SIEM, or in a centralized log aggregation/management too)
• Experience with configuring and troubleshooting system and networking-related issues, including, but not limited to syslog, DNS, load-balancing, IPSec VPN’s, SSL VPN’s, etc.
• Experience deploying, configuring, and administering Linux/Windows virtual machines.
• Experience working with Docker, and Kubernetes.
• Experience with system and networking monitoring tools, such as PRTG or Zabbix.
• Experience using and troubleshooting issues with a SIEM solution, such as ArcSight, Splunk, Elastic (ELK) Stack, Sentinel, and/or QRadar.
• Experience working with vulnerability assessment and remediation tools, such as Qualys, Nexpose, or Nessus.
• Effective time management skills.
• Excellent communications skills, both written and oral.
• Customer focused mindset and a willingness to go above and beyond to fulfill customer requirements, requests, and needs.
• Ability to participate in on-call rotation for after hours and weekend escalations.

Nice to have: 

• 4+ years experience as a Network Engineer and/or Security Engineer in a corporate or SOC/NOC setting.
• Advanced/Intermediate security certifications, such as SANS/GIAC, CISSP, CISA, CISM.
• Experience working with a public cloud (AWS, Azure, GCP)
• Software Engineering experience, primarily with Python.
• Vendor certifications from (one or more) Palo Alto, Fortinet, Cisco, Elastic, AWS, Azure, etc.
• Experience configuring and managing firewalls and/or IDS/IPS devices in a corporate setting.
• PowerShell and/or Terraform experience.

Benefits

• Opportunity to work in a progressive organization with structured training and roadmap for success

• Health benefits, lunches, gym reimbursement, and internet funding for our India staff!
• Experience in one of the hottest IT industries today

Proficio is an EOE employer.

Proficio collects certain personal information upon your submission of an application for an open position. More information is available about your consumer rights and our privacy policy at www.proficio.com/privacypolicy