This job post is closed and the position is probably filled. Please do not apply.
🤖 Automatically closed by a robot after the apply link was detected as broken.
Description:
Qodea is seeking a Senior Security Engineer to act as a senior member of the team, driving security incident responses and leading threat hunting initiatives.
The role involves researching new attack techniques and analyzing logs and system artifacts to develop effective detection logic.
The engineer will leverage their experience to enhance team efficiency through automation and the design of improved processes.
Responsibilities include leading the response to security incidents, conducting thorough investigations using log correlation, malware analysis, and digital forensics, while maintaining clear communication with stakeholders.
The engineer will lead threat hunting efforts by analyzing infrastructure signals to detect potential attacks and incorporate findings into improved security controls for clients.
They will design, implement, and maintain detection rules and automation playbooks utilizing both no-code platforms and scripting languages.
The role requires administering security tools and optimizing log visibility in customer environments while onboarding new systems to SIEM, building integrations for SOAR, and overseeing tool performance and configuration.
The engineer will maintain an up-to-date knowledge base of investigation guides and runbooks, promoting team contributions and regularly updating incident response plans.
Providing mentorship and technical guidance to junior security analysts is also a key responsibility.
Participation in the incident response on-call service to support the team when necessary is expected.
Requirements:
Candidates must possess excellent communication skills in English, both written and verbal.
An in-depth understanding of how adversaries compromise networks and the stages of an attack is required.
Experience working in a defensive security role, including identifying threats, investigating incidents, and translating findings into actionable detection mechanisms, is essential.
Excellent analytical skills with expertise in conducting large-scale log analysis, including manipulating and correlating log data using queries in SIEM or data lake platforms, as well as scripting with their APIs, are necessary.
A minimum of 5 years of hands-on experience with enterprise security technologies (e.g., SIEM, SOAR, EDR, and CNAPP solutions), securing operating systems and cloud platforms, and a proven ability to identify indicators of compromise across these environments is required.
Expertise in automating repetitive tasks using scripting languages (e.g., Python, PowerShell), infrastructure management with IaC, and deployment processes with CI/CD tools is needed.
Candidates should be self-driven with the ability to work independently and collaborate effectively in teams.
Desirable skills include experience in planning and executing penetration tests to identify vulnerabilities and misconfigurations, as well as experience in safeguarding CI/CD pipelines, utilizing both commercial and custom-built solutions.
Benefits:
The position offers a health care package and an NN Assurance package (life and health).
Employees receive 28 days of PTO as standard, plus a flexible annual leave policy and their birthday off.
There are 10 learning days per year and length of service awards.
Employees can work from anywhere for up to 90 days per year and are eligible for sabbatical leave after 5 years of service.
A flexible working culture is promoted, along with meal tickets and coverage for transportation costs.
Access to the Bookster Platform and company events provides opportunities to meet colleagues.
Regular opportunities for industry-recognized training and certifications are available.
Employees have opportunities to develop within a fast-growing tech business with ambitious growth and impact goals.