Offer summary

Qualifications:

Bachelor’s degree in Computer Science or equivalent experience., Two years of experience in security content engineering or a similar role., Proficiency in Microsoft Azure security solutions and Kusto Query Language., Familiarity with scripting languages such as Python, PowerShell, and BASH..

Key responsabilities:

Generate detection logic and automate security insights for clients.

Collaborate with clients to design visualizations for security posture and operations metrics.

Test and tune detection logic to reduce false positives and improve alert accuracy.

Serve as a technical escalation point and communicate with customer IT teams to resolve issues.

Job description

Senior Security Content Engineer

Senior Security Content Engineer needed in New York, NY to assist our global customers manage their deployments and Azure cloud security solutions.

Derive security insights through generating detection logic, automation and visualizations.
Ideate and create client-facing detections to surface security and IT operations concerns.
Collaborate with clients to design and implement visualizations to assist with understanding security posture, interesting events, and operations metrics.
Test and tune detection logic to minimize false positives, alert duplication, and whitelisting.
Identify opportunities for client-specific needs to become base content, including rules, automations, and dashboards.
Identify opportunities for log content reduction and removal irrelevant events.
Deliver functional value resulting from research in the form of queries, signatures, rules, and contextual information.
Advancement of security policies, procedures, and automation.
Serve as the technical escalation point.
Communicate with customer IT teams to inform them of issues, help them remediate, and ensure that they continue to operate business as usual.
Signature writing /algorithm creation. Analyze event logs and recognize signs of cyber intrusions/attacks.
Use Microsoft Azure Sentinel, Defender ATP, O365 ATP, and other Microsoft security suites.
Develop, automate, and orchestrate tasks with logic apps based on certain events.
Configure Sentinel Incidents, Workbooks, Hunt queries, Notebooks.
Advise on the Microsoft Cloud Security capabilities across the Azure platform.
Use Kusto Query Language and scripting languages (Python, PowerShell, BASH and others).
Digital forensic analysis (host, network, other). Use knowledge of network protocols and devices.
Use Wireshark, TCP Dump, Security Onion, and Splunk. Use SIEM, Packet Analysis, SSL Decryption, Malware Detection, HIDS/NIDS, Network Monitoring Tools, Case Management System, Knowledge Base, Web Security Gateway, Email Security, Data Loss Prevention, Anti-Virus, Network Access Control, Encryption, Vulnerability Identification.
Use knowledge of intrusion analysis, digital forensics, penetration testing, detection engineering.
Use.Net programming, jupyter notebooks, and scripting/ development using web APIs.

Option to Telecommute.

Experience and Education Required:

Bachelor’s degree in Computer Science plus two years of experience in the job offered or a similar occupation or a HS degree plus four years of experience in the job offered or a similar occupation.

Salary: $125,500.

Send resume to: S Sharma, BlueVoyant Management LLC, 6 East 45th Street, Floor 17, New York, NY 10017.

BlueVoyant Candidate Privacy Notice

To understand how we secure and manage your personal data upon submitting a job application, please see our Candidate Privacy Notice, which can be found here - Candidate Privacy Notice

Required profile