Remote Senior Engineer (Cybersecurity)

at Sur

Posted 1 week ago 1 applied

Description:

  • You will join a high-octane security team tackling offensive and defensive challenges.
  • Your responsibilities will include diving into intricate web application pentesting and running purple team simulations.
  • You will collaborate with detection engineers, craft internal tools, challenge assumptions, and execute threat scenarios to fortify SOC operations.

Requirements:

  • Operate as a SOC Tier 2 or Tier 3 engineer, swiftly triaging and resolving security incidents.
  • Configure and harden security systems including antivirus, firewalls, and OS security.
  • Develop zero-day mitigation strategies when patches are unavailable.
  • Troubleshoot issues with tools like Antivirus, Qualys, or DNS filtering.
  • Build automation scripts for deploying agents, policy cleanup, or custom security scanners.
  • Execute precise manual and automated tests on web apps and APIs.
  • Uncover OWASP Top 10 and elusive business logic vulnerabilities.
  • Deliver clear, actionable PoCs and remediation guidance.
  • Work closely with developers to guide secure coding and implement effective fixes.
  • Participate in adversary simulations to test and enhance SOC defenses, conducted at least twice per quarter.
  • Fine-tune detection rules across EDR and SIEM for maximum precision.
  • Design and run internal threat scenarios to stress-test response capabilities.
  • Enhance defender workflows through close collaboration and visibility improvements.
  • Possess deep system administration skills in Windows and Linux, with a security-first approach, adept at solving multi-layered OS, network, and configuration issues.
  • Have experience in incident response, threat hunting, or SOC Tier 2+ roles.
  • Be proficient with tools like Burp Suite, Nmap, SQLmap, or custom scripts.
  • Have strong scripting skills in Python, Bash, or PowerShell for automation.
  • Exhibit excellent written and verbal communication in English.
  • Experience with vulnerability management platforms like DefectDojo for tracking and prioritizing security findings is a plus.
  • Provide a profile link on platforms like Hack The Box, TryHackMe, or similar.
  • Be fluent in English.

Benefits:

  • The salary range for this position is $4500-$6000 USD.
  • You will receive unlimited PTO.
  • Holidays are included as part of the compensation package.