Job Description

Position Description

This exciting opportunity is a full-time, permanent role with Converge. As an Engineer within the Cybersecurity Strategy & Defense practice, you will act as a trusted advisor to our client base. The Engineer will provide expertise and guidance in technical service delivery efforts, specifically around Incident Response and Endpoint Detection technologies. The Engineer will also be involved in refining IR processes and consulting clients on cybersecurity best practices. We invest heavily in our team members growth with cross-technology and certification training.

Key Responsibilities

• Regularly monitor IR queues and assign tickets based on your area of expertise.
• Triage and resolve tickets using QuickBooks and collaborate with team members as needed.
• Conduct proactive threat hunts by developing hypotheses based on client specific threats and vulnerabilities.
• Create and update IR QuickBooks (runbooks) informed by your experience with detection use cases.
• Participate in required meetings and collaborate on addressing critical issues.
• Develop subject matter expertise (SME) in one or more security technologies.
• Assist with the IR content migration from Splunk Ad-Hoc to Splunk ES (Enterprise Security).

Maintain a comprehensive understanding of the CrowdStrike environment to manage tasks such as:

• Assessing the impact of recent CrowdStrike release notes and technical alerts, and implementing changes in accordance with client change management policies.
• Creating and modifying Fusion workflows to enhance IR operational efficiency.
• Developing and updating custom IOAs to detect specific threats relevant to client.
• Possess a basic understanding of the Splunk environment and the ability to:
• Use SPL (Search Processing Language) proficiently.
• Create and modify saved searches tailored to IR operational needs.

Competencies & Qualifications

• 3+ years of experience in a professional cybersecurity capacity
• 2+ years of experience working within Incident Response
• Hands-on experience with Crowdstrike is required
• Hands-on experience with Splunk is required
• Crowdstrike & Splunk certifications are a big plus
• Defensive & Response cybersecurity certifications via SANS are a big plus

Work Environment

• Remote, work from home
• Although this role is remote, candidates must be physically based within Alabama, California, Georgia, Indiana, Kentucky, Michigan, Missouri, Ohio, North Carolina, Pennsylvania, South Carolina, Tennessee, Texas, Florida or Washington

Total Rewards

We offer a comprehensive total rewards package that includes base salary, quarterly bonus, healthcare benefits, 401k match, company stock match program, PTO/holiday, training/development and so much more.

jobDescriptionFooter:

Converge Technology Solutions provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Job Tags

Remote job, Holiday work, Permanent employment, Full time, Local area,

Similar Jobs