Salary
💰 $67,500 - $78,300 per year
Tech Stack
Cloud, Cyber Security, Firewalls
About the role
- Incident Monitoring and Response
  - Review alerts from the SIEM platform and CrowdStrike modules to identify and triage potential security incidents.
  - Escalate critical security events to senior team members for immediate response.
  - Contribute to post-incident reviews, documenting incident timelines and remediation actions.
  - Continuously update knowledge of CrowdStrike services and security trends to improve detection capabilities.
  - Recommend and improve the overall security position of the organization.
- SIEM Solution Implementation and Support
  - Assist in configuring CrowdStrike modules and integrating them with the chosen SIEM platform.
  - Validate log sources from endpoints, firewalls, and other security systems, ensuring complete data ingestion.
  - Develop and test custom correlation rules to identify threats and anomalies in the organization’s environment.
  - Collaborate with CrowdStrike analysts to create and fine-tune alert thresholds to minimize false positives.
- Hardware Security Key Deployment
  - Inventory existing endpoint devices and verify compatibility with hardware security key solutions.
  - Configure and register hardware security keys with employee accounts using CrowdStrike or other integrated systems.
  - Develop training materials and assist in training employees on hardware security key use and troubleshooting through documentation and virtual support.
  - Monitor and document the deployment process, identifying and addressing implementation challenges.
  - Provide ongoing support and escalate unresolved issues to senior IT staff.
- Documentation and Reporting
  - Prepare deployment and operational documentation for the YubiKey rollout and SIEM implementation.
  - Compile weekly reports on security incidents, deployment progress, and system health metrics.
  - Assist in creating user-friendly guides and FAQs for end users regarding security solutions.
  - Update and maintain incident response and system configuration documentation.
- Internal Tools Support
  - Identify and document all existing API integrations, including data flows, endpoints, and authentication methods.
  - Assist in configuring secure API connections using tokens, certificates, or other authentication mechanisms as required.
  - Participate in testing and validation of API integrations to ensure functionality and compliance with security requirements.
  - Update documentation and maintain inventories of API credentials, integration details, and associated security controls.
  - Collaborate with engineering and IT teams to troubleshoot API issues and implement security improvements.
- Required Skills
  - Familiarity with endpoint security tools like CrowdStrike Falcon or similar platforms.
  - Understanding of multi-factor authentication (MFA) methods and tools, such as YubiKey.
  - Basic knowledge of Security Information and Event Management (SIEM) solutions.
  - Strong analytical and problem-solving skills.
  - Effective written and verbal communication, especially in technical documentation.
Requirements
- Legal authorization to work in the United States.
- Ability to meet any other requirements for government contracts for which candidates are hired.
- Work authorization that doesn’t require visa sponsorship, now or in the future.
- May be subject to a government background check or security clearance, depending on the contract.
- This role requires you to work from the contiguous United States.