Be an early applicantLess than 25 applicants

Company

Peraton · 7 hours ago

Security Engineer

United States

Full-time

Remote

Mid, Senior Level

$112K/yr - $179K/yr

5+ years exp

Maximize your interview chances

Information TechnologyRobotics

Actively Hiring

Insider Connection @Peraton

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Design, implement, and manage security controls in AWS and Azure cloud environments, including identity and access management (IAM), encryption, networking security, and monitoring.

Ensure cloud security best practices are followed and leverage native security tools (e.g., AWS Security Hub, Azure Security Center) alongside third-party solutions.

Implement cloud infrastructure security monitoring, ensure proper segmentation and access control policies, and safeguard cloud workloads and data.

Hands-on configuration, management, and troubleshooting of CrowdStrike (or other endpoint detection and response tools), ensuring optimal endpoint protection across the enterprise.

Work with internal teams to monitor and respond to security alerts, review threat intelligence data, and escalate or remediate incidents as necessary.

Tune EDR systems to improve detection capabilities, reduce false positives, and enhance incident response effectiveness.

Administer, configure, and maintain Splunk or other SIEM platforms for comprehensive event logging, correlation, and analysis.

Develop and tune Splunk queries and dashboards to enhance visibility into security events and incidents.

Support incident response by leveraging SIEM data to investigate alerts, conduct forensics, and assist in the triage and resolution of security incidents.

Implement and manage vulnerability assessment tools, primarily Tenable I.O., to perform scans and identify weaknesses across enterprise systems, applications, and networks.

Collaborate with vulnerability management teams to prioritize and remediate vulnerabilities, track mitigation efforts, and verify that vulnerabilities are properly addressed.

Work closely with architecture and development teams to design secure systems, applications, and networks, with a focus on preventing vulnerabilities and improving system resilience.

Provide security input and guidance during the development lifecycle, ensuring secure coding practices and the proper use of security controls.

Apply your expertise in network security to configure and maintain secure network architectures, including firewalls, VPNs, proxies, and intrusion detection/prevention systems (IDS/IPS).

Work to detect, prevent, and respond to network-based threats and anomalies.

Understand and implement network segmentation, micro-segmentation, and secure access policies to minimize attack surfaces.

Automate repetitive security tasks, improve security operations workflows, and integrate security solutions to streamline monitoring, alerting, and incident response.

Implement and manage security orchestration, automation, and response (SOAR) solutions to improve incident detection and response times.

Continuously monitor cloud and on-premise infrastructures, endpoints, and networks for threats using advanced security monitoring tools.

Analyze threat intelligence feeds to identify emerging risks and proactively implement measures to defend against new attack vectors.

Stay updated on the latest threat trends, vulnerabilities, and exploit techniques, and share knowledge with other team members.

Work closely with cross-functional teams (engineering, IT, operations, etc.) to ensure security best practices are integrated throughout the organization's systems, applications, and processes.

Maintain detailed documentation of security architecture, configurations, processes, and incident reports for audit and compliance purposes.

Provide training, mentorship, and guidance to junior security team members.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Cloud SecuritySecurity EngineeringAWSAzureEDR ToolsSIEM PlatformsVulnerability AssessmentOperating SystemsApplication SecurityCISSPAWS Certified Security - SpecialtyAzure Security EngineerCEHCompTIA Security+Container SecuritySecurity Automation

Required

Minimum of 5-7 years of professional experience in security engineering or a similar role in a large, multi-tenant environment

Hands-on experience in cloud security with AWS and Azure, including managing IAM policies, securing cloud infrastructure, and implementing cloud security best practices

Proficient with EDR tools such as CrowdStrike and experience in the deployment, configuration, and troubleshooting of endpoint security solutions

Strong expertise with SIEM platforms, especially Splunk, for security event management, monitoring, and incident response

In-depth knowledge of vulnerability assessment tools, particularly Tenable I.O., and experience running scans, interpreting results, and remediating vulnerabilities

Strong background in networking technologies (TCP/IP, DNS, HTTP/HTTPS, VPNs, firewalls, etc.) and network security protocols (SSL/TLS, IPSec, etc.)

Proficient with operating systems (Linux, Windows, Unix) and their associated security controls

Experience with application security, including secure coding practices, vulnerability scanning, and threat modeling

Preferred

Bachelor's degree in Computer Science, Information Security, Network Engineering, or related STEM field

Familiarity with security automation and orchestration platforms (e.g., SOAR solutions)

Certifications (one or more of the following is a plus): CISSP (Certified Information Systems Security Professional), AWS Certified Security - Specialty, Azure Security Engineer (Microsoft Certified: Azure Security Engineer Associate), CEH (Certified Ethical Hacker), CompTIA Security+ or other relevant security certifications

Experience with other EDR, SIEM, or vulnerability management tools such as Palo Alto Networks, Rapid7 Nexpose, or Qualys is a plus

Familiarity with container security (e.g., Docker, Kubernetes) and securing CI/CD pipelines

Excellent problem-solving skills, with the ability to investigate complex security incidents and root causes

Strong communication skills, both written and verbal, with the ability to explain complex security concepts to technical and non-technical stakeholders

Ability to work in a fast-paced environment, manage multiple priorities and meet deadlines