Cloud Software Group
Sr. Principal Security Engineer
Cloud Software Group, Santa Clara, California, us, 95053
Role Requirements:
15 or more years of progressing/in-depth IT security experience. Practical experience in a senior role within the last five years and demonstrated ability to carry out the functions of the job.
Proven experience and knowledge of Enterprise Security Operations
Demonstrated experience in using Endpoint Detection and Response software (SentinelOne, Crowdstrike, Defender ETC.)
Advanced knowledge of at least one leading SIEM platform (Sentinel, Splunk, Elastic, IBM Qradar, Chronicle etc.)
Possess at least one industry certification Sec+, CEH, SANS Certification (e.g. GCIH, GCIA, GSEC, GMON), OSCP etc.
Prior knowledge of SOAR platforms such as Siemplify, Forti soar etc.
Basic scripting or development experience in one of the following languages: Python, JavaScript, PowerShell, bash, etc.
Exceptional written and verbal communication skills.
Demonstrated expert knowledge of the MITRE ATTACK framework.
Position OverviewAs a Senior Principal Security Engineer, you will play a critical role in our cyber security function to ensure enterprise and client data is secure. You will help:
Assess the risk of new vulnerabilities and zero-day threats and report recommendations.
Act as an Incident commander for all the P1 and P2 incidents, ability to work with multiple stakeholders and influence them. Ability to handle and work with external partners as part of Managed SOC.
Work independently, with limited direction from the senior leaders, to perform regular tasks and resolve escalated incidents/requests in a timely manner.
Apply advanced expertise to quality control the internal team’s and vendors’ processes, making recommendations to Director of Cybersecurity for operational plans and strategies to directly impact the achievement of overall functional results.
Proactively identify, investigate, analyze issues and errors prior to or when they occur and log all such incidents in a timely manner. Capture all required and relevant information for immediate resolution.
Review threat hunting objectives and provide feedback for upcoming threat hunts conducted by the partner.
Share such knowledge, to resolve issues, document them, and push the knowledge down to other engineers.
Act as emergency support contact as needed, for business-impacting issues.
Basic Qualifications
Bachelor’s degree in cybersecurity, related field, or equivalent work experience.
Practical experience in a senior role within the last three years and demonstrated ability to carry out the functions of the job.
Solid grasp and experience applying common frameworks used to describe cyber threat actors, actions, and capabilities (Diamond, Veris, MITRE ATT&CK, etc.) and share threat intelligence (STIX/TAXII).
In-depth knowledge in the following fields is required: cybersecurity principles used to manage risks related to the use, processing, storage, and transmission of information or data; common information technology (IT) security controls (e.g.: firewalls, demilitarized zones, encryption); new and emerging information technology (IT) and cybersecurity technologies and risks; information technology (IT) supply chain and vulnerability risk best practices.
Advanced planning/ organizational, problem-solving, analytical, consulting, time management and decision-making skills required.
Ability to effectively communicate technical security plans, strategies, and designs to all levels of the company.
Must be detail-oriented and able to maintain a high degree of accuracy.
Ability to maintain confidentiality is crucial.
#J-18808-Ljbffr
15 or more years of progressing/in-depth IT security experience. Practical experience in a senior role within the last five years and demonstrated ability to carry out the functions of the job.
Proven experience and knowledge of Enterprise Security Operations
Demonstrated experience in using Endpoint Detection and Response software (SentinelOne, Crowdstrike, Defender ETC.)
Advanced knowledge of at least one leading SIEM platform (Sentinel, Splunk, Elastic, IBM Qradar, Chronicle etc.)
Possess at least one industry certification Sec+, CEH, SANS Certification (e.g. GCIH, GCIA, GSEC, GMON), OSCP etc.
Prior knowledge of SOAR platforms such as Siemplify, Forti soar etc.
Basic scripting or development experience in one of the following languages: Python, JavaScript, PowerShell, bash, etc.
Exceptional written and verbal communication skills.
Demonstrated expert knowledge of the MITRE ATTACK framework.
Position OverviewAs a Senior Principal Security Engineer, you will play a critical role in our cyber security function to ensure enterprise and client data is secure. You will help:
Assess the risk of new vulnerabilities and zero-day threats and report recommendations.
Act as an Incident commander for all the P1 and P2 incidents, ability to work with multiple stakeholders and influence them. Ability to handle and work with external partners as part of Managed SOC.
Work independently, with limited direction from the senior leaders, to perform regular tasks and resolve escalated incidents/requests in a timely manner.
Apply advanced expertise to quality control the internal team’s and vendors’ processes, making recommendations to Director of Cybersecurity for operational plans and strategies to directly impact the achievement of overall functional results.
Proactively identify, investigate, analyze issues and errors prior to or when they occur and log all such incidents in a timely manner. Capture all required and relevant information for immediate resolution.
Review threat hunting objectives and provide feedback for upcoming threat hunts conducted by the partner.
Share such knowledge, to resolve issues, document them, and push the knowledge down to other engineers.
Act as emergency support contact as needed, for business-impacting issues.
Basic Qualifications
Bachelor’s degree in cybersecurity, related field, or equivalent work experience.
Practical experience in a senior role within the last three years and demonstrated ability to carry out the functions of the job.
Solid grasp and experience applying common frameworks used to describe cyber threat actors, actions, and capabilities (Diamond, Veris, MITRE ATT&CK, etc.) and share threat intelligence (STIX/TAXII).
In-depth knowledge in the following fields is required: cybersecurity principles used to manage risks related to the use, processing, storage, and transmission of information or data; common information technology (IT) security controls (e.g.: firewalls, demilitarized zones, encryption); new and emerging information technology (IT) and cybersecurity technologies and risks; information technology (IT) supply chain and vulnerability risk best practices.
Advanced planning/ organizational, problem-solving, analytical, consulting, time management and decision-making skills required.
Ability to effectively communicate technical security plans, strategies, and designs to all levels of the company.
Must be detail-oriented and able to maintain a high degree of accuracy.
Ability to maintain confidentiality is crucial.
#J-18808-Ljbffr