London Approach
Lead Security Engineer (Onsite)
London Approach, Philadelphia, PA, United States
We are seeking a highly skilled Lead Security Engineer with a strong technical background to drive our cybersecurity initiatives. The ideal candidate will have extensive experience with Endpoint Detection and Response (EDR) platforms, Security Information and Event Management (SIEM) systems, and incident response. You will lead technical investigations, threat hunting activities, and ensure our security tools are effectively protecting the organization.
Mostly onsite, 2/3 days a week in Philadelphia (must be okay with this).
Full-time, permanent, salaried role plus benefits; up to $135,000 to start.
No sponsorship is available for this role.
Key Responsibilities:
- Manage and maintain the EDR platform, including event investigations, alert tuning, policy configurations, and endpoint agent updates.
- Utilize the EDR tool for in-depth threat hunting and analysis of security events.
- Monitor and analyze logs from the SIEM system to detect potential security incidents.
- Investigate anomalies within Microsoft Azure and other cloud environments for signs of security breaches.
- Lead the response to confirmed security incidents to minimize business impact.
- Coordinate communication of findings, remediation efforts, forensic data collection, and post-incident hardening recommendations.
- Proactively search for threats and vulnerabilities within the network and systems.
- Develop and implement strategies to detect and prevent advanced persistent threats.
- Ensure security controls such as firewalls, multi-factor authentication (MFA), and network access control (NAC) are configured and functioning optimally.
- Collaborate with technical operations teams to enhance the effectiveness of security measures.
- Mentor and guide security team members in technical investigations and security best practices.
- Stay current with emerging security threats and technologies to continually improve the organization's security posture.
Qualifications:
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field. A Master's degree is a plus.
- Minimum of 5 years of hands-on experience in cybersecurity, with at least 2 years in a lead or senior technical role.
- Proven expertise in administering and utilizing EDR platforms and SIEM systems for security investigations.
- In-depth knowledge of EDR tools (e.g., CrowdStrike, Carbon Black) and their use in threat detection and response.
- Proficiency in SIEM technologies and log analysis for incident detection.
- Experience with Microsoft Azure security features and monitoring.
- Familiarity with scripting languages (e.g., Python, PowerShell) for automation and tool integration.
- Relevant certifications such as CISSP, GCIH, GCFA, or OSCP are highly preferred.