Hybrid Security Engineer - Automation bei ark data centers

Description

Job Summary:

Ark is looking for an ambitions Security Engineer to build, maintain, and improve automation for our Managed Detection & Response platform. You will work with other Security Engineers and directly with the Security Operations Center (SOC) to enhance and improve security and response processes. This may include deployments, threat data enrichment, reporting & metrics, case management, and integrations with other platforms.

While automation will be your primary responsibility, there will be ample opportunity to work on threat detection rules & tuning, incident response, and internal security controls.

Essential Functions:

• Manage the security automation platform within ark, focusing on accuracy and integrity
• Work with other Security Engineers & SOC Analysts to ensure automation and integration of our security tool chain across platforms
• Work closely with various teams:
• Sales Engineering to provide SME knowledge during the pre-sales / scoping phase
• Project Management to help lead multiple deployments for our customers, ensuring deadlines are met and issues are escalated
• Coordinate with the SOC for configuration and tuning activities to ensure a smooth transition to operations
• Internal cloud and network teams to tightly integrate their platforms with our tools
• Proactively maintain platform health for our customers by periodically reviewing the deployments, and identifying potential issues while working with the customer to resolve
• Projects & research work as needed
• Incident handling
• Evaluating and recommending new and emerging security products & technologies

Requirements

Qualifications:

• Bachelor’s degree in information security, Information Assurance or related field, or equivalent work
• 5+ years of hands-on experience managing MDR/SIEM platforms
• 5+ years of demonstrable security automation & integration experience (Microsoft Azure DevOps & Power Automate preferred)
• Security certifications preferred (CySA+, CISSP, vendor certs)
• Understanding of system & network security

Technical Knowledge:

• Proven experience with enterprise-class SIEM tools & technologies – Sumo Logic preferred
• Experience in creating standard processes & configuration documentation
• Strong understanding of data architecture and storage tiering as it relates to log ingestion into the SIEM
• Software development/scripting background
• Strong understanding of DevOps concepts and CI/CD pipelines to drive automation within the platforms
• Experience with automation and integration into a security stack
• Experience creating custom threat detections in an enterprise-class SIEM platform
• Knowledge of network protocols and related services (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, SMB, SSH, routing protocols, etc.)

Compensation: 

The compensation for this position is $100,425 - $165,315 annually. Final offer amounts are determined by multiple factors including experience and skillsets.