Security Engineer plays a key part for correlation rules and dashboard creation and support the rest of the team. The Security Engineer works in a team with an investigative spirit, good perception, and judgment of the security landscape. The Security Engineer will help develop our strategy for finding innovative ways to monitor our infrastructure, customers, partners, and employees. Provide in-depth cybersecurity analysis and trending of logs, event data, and alerts from a diverse range of log sources. Be part of building security functions for native cloud-based environments.

• Explains the purpose of and provides advice and guidance on the application and operation of elementary physical, procedural and technical security controls. Performs security risk, vulnerability assessments, and business impact analysis for medium complexity information systems.
• Monitors the application and compliance of security administration procedures and reviews information systems for actual or potential breaches in security. Ensures that all identified breaches in security are promptly and thoroughly investigated and that any system changes required to maintain security are implemented. Ensures that security records are accurate and complete and that requests for support are dealt with according to set standards and procedures. Contributes to the creation and maintenance of policy, standards, procedures and documentation for security.
• Prioritizes and diagnoses incidents according to agreed procedures. Investigates causes of incidents and seeks resolution. Escalates unresolved incidents. Facilitates recovery, following resolution of incidents. Documents and closes resolved incidents according to agreed procedures.
• Monitors compliance against agreed processes and investigates, assesses and resolves incidents of non-compliance, escalating where necessary. Grants users required physical accesses and monitors and reports on overall access control.
• Contributes to digital forensic investigations. Processes and analyses evidence in line with policy, standards and guidelines and supports production of forensics findings and reports.
• Be available for 24 hour on-call status if required
• Some travel may be required

Required

• Tune and filter alerts
• Configure and manage policy for EDR and Network Tools
• Use case development
• Extensive security domain knowledge
• Intermediate scripting knowledge such as Python, etc.
• Comfortable working in high-stress environments
• Coordination skills
• Strong written and verbal communication skills

Desired

• Detection and correlation analysis fidelity of IoCs and IoAs ("Spider Sense")
• Experience with SOAR and task automation
• Customize detection rules using KQL
• Containment and eradication activities
• Cyber threat intelligence knowledge
• Digital Forensics experience with cloud services and traditional endpoints

Qualifications

• Associate or Bachelor's degree in computer science or related field preferred. Combination of formal education training and practical experience sufficient to acquire knowledge and skills generally equivalent to those possessed by an associate degree individual may be considered.
• Industry recognized certifications such as COMPTIA Security+, AWS, Azure, etc are a plus
• 1-3 years of experience is preferred.

Certara bases all employment-related decision on merit, taking into consideration qualifications, skills, achievement, and performance. We treat all applicants and employees without regard to personal characteristics such as race, color, ethnicity, religion, sex, sexual orientation, age, nationality, marital status, pregnancy, physical or mental condition, genetic information, military service, or other characteristic protected by law.