RedLegg

Senior Consultant

RedLegg, Cambridge, Massachusetts, us, 02140


This role reports to the Director of Sales.

Key Responsibilities:

1. Information Security Automation Consulting:
- Advise clients on developing and implementing automation strategies to enhance their security operations.
- Help clients automate routine security tasks and incident response processes to improve efficiency and reduce manual intervention.
- Consult on the use of scripting and programming languages (e.g., Python, PowerShell) to create and maintain security automation workflows.
- Provide guidance on selecting and deploying security automation tools and technologies tailored to client needs.

2. SIEM Management Consulting:
- Consult with clients on the deployment, configuration, and maintenance of SIEM solutions.
- Guide clients in monitoring and analyzing security events and incidents using SIEM tools.
- Develop and fine-tune SIEM rules, use cases, and alerts to ensure effective threat detection and response.
- Conduct regular audits and assessments to ensure client SIEM systems are performing optimally.

3. SOC Operations Consulting:
- Provide expertise and guidance to client SOC teams in day-to-day operations, ensuring timely detection, analysis, and response to security incidents.
- Establish and enforce SOC procedures, protocols, and best practices tailored to client needs.
- Mentor client SOC analysts to enhance their skills and knowledge.
- Collaborate with client IT and security teams to ensure a cohesive approach to incident management and threat mitigation.

4. Threat Intelligence and Incident Response Consulting:
- Stay up to date on the latest security threats, vulnerabilities, and trends.
- Develop and maintain incident response plans, playbooks, and workflows for clients.
- Conduct post-incident analysis to identify root causes and recommend improvements.
- Coordinate with external partners and stakeholders during major security incidents.

Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field. Master's degree preferred.
- At least 5-7 years of experience in information security, with a focus on automation, SIEM, and SOC operations.
- Strong knowledge of security automation tools and technologies.
- Proficiency in scripting and programming languages (e.g., Python, PowerShell).
- Hands-on experience with leading SIEM and MDR solutions (e.g., Microsoft Sentinel, LogRhythm, Palo Alto, and CrowdStrike).
- In-depth understanding of SOC workflows, processes, and best practices.
- Relevant certifications such as CISSP, CISM, CEH, GIAC, or equivalent are highly desirable.
- Excellent analytical, problem-solving, and communication skills.
- Ability to work effectively in a fast-paced, dynamic environment.

Preferred Skills:
- Experience with cloud security (AWS, Azure, Google Cloud).
- Familiarity with security orchestration, automation, and response (SOAR) platforms.
- Strong understanding of network security, firewalls, and intrusion detection/prevention systems (IDS/IPS).

What We Offer:
- Competitive salary and benefits package.
- Opportunities for professional growth and development.
- Collaborative and inclusive work environment.
- Flexible working arrangements, including remote work options.
