Please, let BlueVoyant know you found this job
on RemoteYeah.
This helps us grow 🌱.
Description:
BlueVoyant is seeking a Security Operations Center Security Content Engineer to assist global customers with their Splunk cloud security solutions.
The role involves generating detection logic, automation, and visualizations to help clients derive security insights.
Responsibilities include creating client-facing detections, collaborating with clients on visualizations, testing and tuning detection logic, and identifying opportunities to address client-specific needs.
The engineer will deliver functional value through research, serve as a Technical SOC SME, conduct in-depth research on exploits and vulnerabilities, and assist in advancing security policies and procedures.
The position requires regular communication with customer IT teams to address issues and ensure business continuity.
The role also involves mentoring junior detection engineers and supporting incident response reporting.
Requirements:
Candidates must possess excellent teamwork skills and previous experience in signature writing or algorithm creation.
A strong ability to analyze event logs for signs of cyber intrusions or attacks is essential.
Hands-on experience with Microsoft Sentinel (formerly Azure Sentinel), Microsoft Defender for Endpoint (formerly Defender ATP), Microsoft Defender for Office 365 (formerly Office 365 ATP), and other Microsoft security suites is required.
Candidates should have experience in developing, automating, and orchestrating tasks with logic apps, configuring Sentinel incidents, and advising customers on Microsoft Cloud Security capabilities.
Proficiency in Kusto Query Language (KQL) and strong scripting skills in languages such as Python and PowerShell are necessary.
A solid background in digital forensic analysis and blue team operations is required, along with knowledge of network protocols and devices.
Advanced written and verbal communication skills are essential for presenting complex technical topics clearly.
Familiarity with tools like Wireshark, tcpdump, Security Onion, and Splunk is expected.
Knowledge of various security concepts, including SIEM, malware detection, and data loss prevention, is required.
Benefits:
BlueVoyant offers a fully remote work environment for this position.
The company provides equal employment opportunities and complies with applicable laws governing non-discrimination.
Employees are required to be authorized to work in the United States, and U.S. citizenship is necessary for certain federal contracts.
The company emphasizes a culture of teamwork and collaboration, supported by a highly skilled team with extensive experience in cybersecurity.