DigiCert - Senior Security Engineer - Endpoint Detection & Response (5-7 yrs)

Who we are.

We're a leading, global security authority that's disrupting our own category.

Our encryption is trusted by the major ecommerce brands, the world's largest companies, the major cloud providers, entire country financial systems, entire internets of things and even down to the little things like surgically embedded pacemakers.

We help companies put trust an abstract idea to work.

That's digital trust for the real world.

Job Summary :

- We are seeking an experienced Senior Trust Operations Security Engineer with a deep understanding of security operations and automation to join our team.

- The ideal candidate will be responsible for driving the development and optimization of Splunk queries, dashboards, and automation processes to enhance operational visibility and security capabilities.

- This individual will work closely with cross-functional teams to ensure that data is harnessed effectively for real-time insights, efficient threat detection, and streamlined response strategies.

- The successful candidate will have a proven track record of leveraging advanced tools and techniques to improve security posture and operational efficiency across the enterprise.

What you will do :

- Help lead the development and optimization of advanced SPL queries to extract actionable insights from complex machine-generated data and logs, driving informed decision-making across the organization.

- Architect and oversee the implementation of highly customized dashboards, reports, and alerts to ensure comprehensive, real-time visibility into security events and operational metrics within Splunk, aligning with business objectives.

- Help lead the automation of critical processes to streamline operations, enhance efficiency, and enable self-service capabilities across teams.

- Strategically integrate threat intelligence feeds and security tools into broader security frameworks, driving automation and improving threat detection and response capabilities.

- Lead efforts to design sophisticated search queries supporting complex incident investigations, leveraging data correlation and anomaly detection to improve threat hunting and response.

- Direct in-depth research and evaluation of cybersecurity threats, guiding root cause analysis to develop and implement long-term remediation strategies.

- Develop advanced Python scripts to automate critical security processes, enhancing security posture and operational efficiency across the enterprise.

What you will have :

- 5-7+ years of experience in security operations, security analytics or related field.

- In-depth knowledge of Splunk search processing language (SPL) and visualization.

- Advanced knowledge of security operations design concepts and principles.

- Advanced knowledge with Threat Intelligence technologies.

- Experience with scripting languages such as Python, Go, PowerShell, Bash, etc.

- Excellent written and verbal communication skills.

- Excellent communication skills, with the ability to collaborate across technical and non-technical teams.

- Proficiency in performing in-depth log analysis.

- CISSP certification or willingness and ability to obtain it if not already completed.

Need to have :

- Master's degree in a technical discipline.

- Experience in Information Security.

- Experience with SIEM technologies, preferably Splunk and Splunk ES.

- Familiarity with cloud-based identity providers, SSO, SAML, etc.

- Experience with SASE products and Web Application Firewall (WAF) technologies.

- Proficiency in vulnerability management software.

- Familiarity with endpoint detection and response software.

- Designed, built, and implemented enterprise-class security systems.

- Experience with security, compliance, privacy frameworks and audits (e.

- ISO27001, NIST, GDPR, CCPA, WebTrust, SOC2).

Benefits :

- Generous time off policies.

- Top shelf benefits.

- Education, wellness and lifestyle support.