
Principal Security Engineer

Posted about 1 month ago

Terrific 3+ month contract opportunity in Coppell, TX for a Principal Security Engineer. The role supports direction for advanced Information Security, consults on all aspects of Security Operations across the enterprise, and evaluates the risks associated with new and existing security operations technologies as they relate to team and department objectives. It also works closely with the Security and Infrastructure System and Process Owners and other IT resources. This is a highly technical and consultative position responsible for multiple technologies and processes across the security operations and engineering area. The candidate will have a mix of deep technical knowledge and a demonstrated background in information security procedures and processes, and must have a passion for security operations and for filling gaps in capabilities.
Day-to-Day Responsibilities:
  • Administration of Splunk SIEM rules to ensure proper governance of security monitoring controls.
  • Design and develop processes to ensure the Splunk SIEM implementation aligns with organizational regulations and security best practices.
  • Engineer solutions for enhancements of Splunk SIEM technology and work with the MSSP to coordinate submitted and completed work.
  • Develop SIEM implementation and deployment processes for log ingestion, monitoring, and transition to analysis procedures.
  • Administration of ObserveIT Endpoint Data Leakage Security technology rules and configurations.
  • Administration of Zscaler web content rule set and configurations.
  • Administration and engineering of Crowdstrike Endpoint Detection and Response technology rules and configurations or similar next generation AV technology.
  • Administration and engineering of Cloudflare Web Application Firewall and DNS Security technology rules and configuration.
  • Administration and engineering of O365 Security Controls.
  • Administration of Palo Alto or similar network security firewall and Intrusion prevention technology.
  • Coordination with other teams to ensure proper change management processes are followed for updates and configuration changes to Security Operations technologies.
  • Assisting in the development of pragmatic solutions that achieve business requirements while maintaining an acceptable level of risk.
  • Work with teammates to collaboratively meet team objectives.
  • Communicating effectively with varying audiences at multiple levels of sensitivity and organizational level.
  • Evaluating the impact of current security trends, advisories, publications, and academic research to coordinate response as necessary across affected teams.
  • Ensure that all data is protected from unauthorized modification, destruction and disclosure.
Required Qualifications:
  • 2+ years' experience managing a Splunk SIEM environment.
  • Experience Implementing Splunk SIEM environments.
  • Experience working with MSSPs.
  • Advanced knowledge of Splunk queries.
  • 1 year of experience working with Zscaler.
  • 1 year of experience working with Crowdstrike.
  • BS in Computer Science, Information Security, or equivalent professional experience.
  • 7+ years of experience in areas such as systems security, network, and/or application security.
  • Certifications such as CISSP or equivalent.
  • Experience in identifying, analyzing, scoping, containing and eradicating real-world threats.
  • Understanding of security vulnerabilities, attacker exploit techniques, and methods for their remediation.
  • Understanding problems at their root, stepping back to understand the broader context.
  • Maintaining an understanding of threat environments and how they could affect the company.
  • Excellent written and verbal communication skills.
  • Good knowledge of intrusion prevention systems.
  • Good knowledge of data loss prevention systems.
  • Good knowledge of endpoint protection systems.
Preferred Qualifications:
  • 10+ years of information security experience.
  • CISM or equivalent desired.
  • Relevant industry certifications from SANS, GCIH, etc.
  • Good demonstrated knowledge of common attack frameworks (MITRE, etc.).
  • Familiarity/experience with AWS and Azure services and security concepts.
If this sounds like the perfect fit, Apply Today!