Security Engineer - Threat Detection & Disruption jobs in United States

Fragomen · 2 days ago

Security Engineer - Threat Detection & Disruption

Fragomen, an AmLaw 100 Firm and the leading global immigration services provider, is seeking a Cyber Security Engineer to join their IS & Cyber Security team. The role focuses on enhancing threat detection and response capabilities while developing and maintaining security tools and programs to protect the company's technical offerings.

Consulting, Document Management, Legal, Legal Tech
H1B Sponsor Likely

Responsibilities

Refine, validate and exercise our Threat Detection and Disruption program
Develop detection techniques to protect our evolving environment and technical offerings
Architect, deploy and maintain our network and endpoint detection tools to reduce our time to alert, triage and mitigation from potential threats
Deploy, mature and maintain our future logging tier, security event incident management (SIEM) system and alert, triage and response pipeline
Lead in the evolution of our protection, detection and mitigation capabilities based on experience, evolving threat environment and findings from cyber security incidents
Participate in a cross-functional response to cyber security incidents
Develop and maintain strong relationships with key partners to create our detection and threat disruption program
Participate in threat hunting efforts

Qualification

Threat Detection, SIEM Management, Intrusion Detection, Detection Tools, Python, Logging Technology, Cyber Security Incidents, Threat Hunting, Technical Certifications, Communication Skills, Team Player, Problem Solving

Required

2 - 5 or more years of practical Threat Detection and Disruption experience
A passionate team player who builds knowledge and solves complex problems
Demonstrated knowledge of detection tools with the ability to write signatures (Snort, Suricata, Yara, etc.)
Proficiency in a modern high-level language (Python, Ruby, Node, Go, etc.)
Experience in establishing and maintaining a SIEM (Splunk, ArcSight, QRadar, ELK, etc.)
Proven experience in developing intrusion detection techniques and operational responses
Experience in architecting and deploying logging technology (Syslog, Logstash, etc.)
Strong, professional communication skills that hold up under pressure
A Bachelor's degree in a related field or a combination of related experience
Experience in developing highly automated detection and triage tools
Knowledge of detection, forensic, security event and incident management, and orchestration tools

Preferred

Technical certifications that demonstrate technical prowess in DFIR to include GIAC (GCIH, GCFA, GCIA), Offensive Security (OSCP, OSCE, OSEE), and/or Vendor specific (Splunk, QRadar, ELK, etc.)

Benefits

22 PTO days + Federal holidays
Medical, Dental, and Vision plans + FSA & HSA Plans
401K plan

Company

Fragomen

Fragomen is a legal firm that provides crisis management, employment verification, compliance, document, and immigration services.

H1B Sponsorship

Fragomen has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for reference. (Data powered by US Department of Labor)
Trends of Total Sponsorships
2025 (2)
2024 (2)
2022 (5)
2021 (1)
2020 (5)

Funding

Current Stage
Late Stage

Leadership Team

Alison Swenton Arjoon
Chief Marketing and Business Development Officer
Julia Onslow-Cole
Partner, Global Government strategies and Compliance
Company data provided by Crunchbase