Senior Information Security Engineer (Crowdstrike, Crible, Logscale)

Job Title: Senior Information Security Engineer (Crowdstrike, Crible, Logscale)

Location: Mesa, AZ (Hybrid) (Monday and Thursday)

Job Type: Contract

Work schedule: Hybrid 2 days/week (Monday and Thursday)

Duration: 12 Months

Pay Rate: $80-$90 per hour

Position Overview:

We are looking for Senior Information Security Engineer who will be responsible for building, design, installation, administration, operational maintenance and issue troubleshooting of information security tools and system infrastructure across the organization.

This position is additionally responsible for developing and implementing network security strategies as well as monitoring and verifying that the network is appropriately protected from internal and external threats while enabling the business to work effectively and productively. This position evaluates the risk verses the business value to make appropriate risk mitigation recommendations to management.

Additionally, the Security Engineer will act as a subject matter expert on all information security owned infrastructure and systems, provide training on these systems as required and support the rest of the Information Security team members in their respective roles and duties as determined by

Essential Responsibilities:

• Manage end to end connectivity for log collectors, log aggregation services, and SIEM integrations.
• Lead effort for onboarding new and existing appliances behind Cloudflare WAF (web application firewall)
• Configure technical controls that enforce compliance frameworks such as ISO 27001, PCI DSS, and SOC2.
• Research and provide design reviews, configuration improvements, hardening suggestions and upgrade recommendations to Information Security team management.
• Lead proof of concept efforts of new security technology solutions while working closely with established vendors and resellers. Implement and test new security technologies deployed to safeguard access to resources, enterprise networks and computer systems.
• Monitor vendor and third-party security reports/lists and proactively patch vulnerabilities on information security owned tools and infrastructure.
• Participate in security incident response procedures as outlined in the company security incident response plan.
• Create and maintain internal documentation such as network, architectural and data flow diagrams and internal procedures for all information security owned products and tools.
• Train the security team on newly deployed technologies and act as an escalation point and subject matter expert for all information security owned systems.
• Work closely with Information Security Risk and Compliance team to document internal operational and audit procedures around information security owned infrastructure. Act as a technical lead during internal and external audit engagements. Gather technical evidence, speak to information security process and procedures aligned to audited controls and environments.
• Stay abreast of developments in the Information Technology industry specifically as they relate to Information Security.
• Provide information security related guidance and support

Qualifications:

• A bachelor’s in computer science or related field OR a High School Diploma/GED and appropriate on the job experience in information technology and/or information security
• Minimum of 12+ years of experience as an information security engineer, IT systems administrator, or other technical focused information security role.
• Information security industry certifications such as: CISSP
• Required experience with Logging solutions such as Cribl, IBM QRoc, CrowdStrike Logscale.
• Required experience with CrowdStrike EDR and Logscale.
• Required experience with Patch Management solutions.
• Required experience with AWS and Azure Security Services

Skill set (listed in priority)

1. SIEM configuration
1. CrowdStrike NG SIEM
2. CrowdStrike SIEM connectors
3. Splunk
4. Cribl Edge
5. Crible Stream

1. CrowdStrike Configuration
1. Crowdstrike CSPM
2. CrowdStrike Fusion

1. Scripting
1. Powershell ( ask for Github link)
2. Python scripting

1. Web Apps
1. WAF (web application) deployment
2. API

1. Penetration Testing
1. OSCP
2. OSCE
3. OSWE
4. PNPT