Job Description

ABOUT the MAD SECURITY TEAM

At MAD Security, your passion for excellence and dedication to integrity can thrive. Every challenge is an opportunity to innovate, and every project is a chance to exceed expectations. As an esteemed team member, you’re not just doing a job; you’re making a difference in a culture that values hard work, accountability, and continuous growth. Be a part of a team where your efforts are recognized and celebrated, your integrity is cherished, and your professional development is a priority.

Position Overview

We seek a Senior Cybersecurity Engineer with proven experience in Security Operation Center environments, particularly within MSP or MSSP organizations. The ideal candidate is driven by a commitment to excellence and continuous improvement, with a strong focus on protecting our clients by simplifying complex cybersecurity challenges. This role requires extensive expertise in SOC operations, incident response, threat hunting, and vulnerability management.

As a Senior Cybersecurity Engineer, you will be part of a dynamic, multi-functional team that includes network engineers, cyber operations technical leads, cyber operations center managers, firewall engineers, and compliance management consultants. This role reports to the SOC Technical Lead and encompasses three key responsibilities:

1. Client Support and Relationship Management: Provide expert cybersecurity guidance to clients, building trust and fostering partnerships to address their unique cybersecurity needs.
2. Collaboration with Stakeholders: Engage in discussions and meetings with senior executives, Information System Managers, and Cybersecurity Specialists within MAD Security and externally.
3. Objective Alignment: Contribute to achieving company goals monthly, quarterly, and annually.

We seek someone passionate about cybersecurity, capable of managing advanced SOC operations, and dedicated to driving meaningful results for our clients.

PRIMARY DUTIES and ESSENTIAL FUNCTIONS

• Master utilizing the technical tools and procedures used to manage the SOC
• Deep understanding of how SIEM/SOAR technologies function
• Experience in administrating and maintaining Elasticsearch
• Experience in problem-solving during incident response events
• Experience with planning and executing focused threat hunt operations
• Collaborate with all SOC experts to monitor, identify, and make notifications on cybersecurity matters to provide a holistic and seamless cybersecurity experience for the client
• Analyze, triage, aggregate, escalate, and report on client security events, including investigation of anomalous and malicious activity
• Perform correlation and trend analysis of security logs, network traffic, security alerts, events, and incidents
• Continuously work to improve SOC technologies to minimize false positives and maximize detection and prevention effectiveness
• Develop and track key performance indicators (KPIs) related to SOC operations to benchmark and further enhance capabilities
• Develop comprehensive and accurate reports and presentations for technical and executive audiences
• Design and conduct proof-of-concept tests to replicate third-party findings and propose solutions to resolve discovered security issues
• Communicate regularly with the team and with clients to proactively address concerns

REQUIRED QUALIFICATIONS

• Minimum six (6) years of experience in IT Security and/or Information Technology.
• Experience working in a Security Operations Center in an enterprise or managed services provider environment.
• Experience in an incident response, forensics, threat hunting, or incident investigation role in large-scale environments.
• A bachelor's degree in the following areas of study is preferred: Information Technology, Information Security/Assurance, Computer Science, or an equivalent combination of education and experience. A master's degree is a plus.
• Industry-recognized professional certifications such as CISSP, CASP+, GCIH, GCFA, GNFA, GREM
• Experience with industry security tooling in SIEM/SOAR platforms.
• Fortinet, AT&T AlienVault, Avanan, Preveil, Bricata, Elastic is a plus.

Skills and Capabilities

• Strong problem-solving and critical-thinking skills. Ability to prioritize and execute autonomously.
• Ability to develop and manage cybersecurity projects.
• Ability to communicate effectively with all staff, management, and clients orally and in writing.
• Ability to collaborate across the organization and operate effectively with multiple teams and solutions towards a shared goal.
• Strong understanding of the latest security principles and protocols.
• Strong understanding of security operations technologies, including SIEM and orchestration.
• Ability to tune correlation rules and outcomes via security information and event management (SIEM) and security orchestration, automation, and response (SOAR) platforms.
• Demonstratable working knowledge of emerging technologies and tactics used within a SOC or IR and how they are applied to improve efficiency and effectiveness.
• Understanding of tactics, techniques, and procedures associated with cyber threats and the ability to develop relevant alerting, countermeasures, and threat-hunting techniques.

Job Tags

Similar Jobs