We are seeking an experienced Lead Security Software Engineer to enhance our team.
The successful candidate will have extensive knowledge in Cyber, Information, Network, and Cloud Security within Enterprise settings. They should have a proven track record in an Enterprise SOC environment and hands-on skills in configuring both SIEM and SOAR technologies to elevate the detection and response measures for security incidents.
Req.#720143286

#LI-DNI

Responsibilities

• Configuration of SIEM and SOAR solutions for seamless integration with various security tools, systems, and data sources
• Execution of tests and validation of SIEM and SOAR configurations
• Construction and deployment of detection use-cases and SIEM detection rules
• Development and rollout of SOAR remediation use-cases
• Efficiency enhancements in security operations through the creation, testing, and refinement of SOAR playbooks
• Integration and optimization of log sources with SIEM solutions for improved log ingestion and processing
• Execution of threat hunting, data enrichment, threat intelligence feed onboarding, and automated response utilization
• Generation of reports for stakeholders, accommodating both technical and non-technical audiences
• Keeping abreast with the latest SIEM technologies and advocating for continuous enhancement practices

• Minimum 5 years of experience in SIEM solutions like Azure Sentinel, Splunk, Google SecOps, QRadar, or ArcSight
• 1+ years of relevant leadership experience
• Capability to work with cloud platforms such as GCP or Azure
• Technical knowledge of internet security protocols, network protocols, IDS/IPS, firewalls, content filtering technologies, and Network Behavior Analysis tools
• Basic understanding of Windows, Linux, DB, network device monitoring, and log techniques
• Familiarity with host and network security hardening and common security risk management practices
• Fluent English communication skills at a B2+ level

• Proficiency in Python or PowerShell scripting and automation, and developing API integrations with SIEM/SOAR tools
• Familiarity with MITRE ATT&CK framework, CAPEC, and other attack frameworks
• Background in employing AI for daily security operations
• Experience with SIRP/SOAR tools including Google SecOps SOAR, TheHive, Cortex, Splunk Phantom, Demisto/XSOAR, or Resilient
• Knowledge of Splunk SPL, Splunk CIM, YARA-L 2.0, UDM, and KQL

• Extended Healthcare with Prescription Drugs, Dental and Vision, and Healthcare Spending Account (Company Paid)
• Life and AD&D Insurance (Company Paid)
• Employee Assistance Program (Company Paid)
• Telehealth (Company Paid)
• Short-term Disability (Company Paid)
• Long-Term Disability
• Paid Time Off (including vacation and sick days)
• Registered Retirement Savings Plan (RRSP) with Company match
• Maternity/Parental/Adoption Leave Top-up
• Employee Stock Purchase Program
• Critical Illness Insurance
• Employee Discounts
• Unlimited access to LinkedIn learning solutions