Ensign
SecurityConsultant
Neural analysis suggests this role is
optimal for Mid candidates.
“Security Consultant at Ensign. Skills: Security Consultant, SIEM administration, Security platform integration, Data pipeline management, Automation. Architectural design, deployment, and seamless integration of complex security solutions within our regional infrastructure. Ensure that all security telemetry is properly ingested, normalized, and optimized to enable high-fidelity detection and automated response capabilities”
What You'll Achieve.
Enable high-fidelity detection and automated response capabilities; Reduce alert noise; Improve Mean Time to Respond (MTTR)
Industry & Context.
Ability to independently troubleshoot common SOC faults and anomalies; A proactive mindset for identifying 'human error' risks in configurations and implementing automated safeguards
What They're Looking For.
Must Have
3–5+ years in cybersecurity engineering, SIEM administration, or a similar technical integration role, Proficiency in major security platforms, Advanced scripting/coding skills (Python, Shell, etc. ) for automation, Proficiency in common Linux commands, Deep understanding of the TCP/IP protocol stack, API (REST/JSON) integrations, and cloud infrastructure (Alibaba Cloud, AWS, or Azure), Ability to independently troubleshoot common SOC faults and anomalies, Solid understanding of the ATT&CK Framework, incident response lifecycles, and threat hunting methodologies, Familiarity with the cybersecurity vendor landscape in China and APAC regional compliance standards, Fluent Cantonese communication ability, Basic English reading/writing capability
Nice to Have
Experience in Palo Alto Cortex XSIAM/XSOAR, Splunk Cloud, or Elastic Stack, Vendor-related cybersecurity certifications (e.g. , Splunk, Palo Alto), CISSP, CISM, or equivalent professional security certifications
What You'll Do.
and seamless integration of complex security solutions within our regional infrastructure
Ensure that all security telemetry is properly ingested
and optimized to enable high-fidelity detection and automated response capabilities
Lead the end-to-end integration of security platforms
including SIEM (e. g.
and SOAR technologies
Collaborate closely with SOC analysts to develop custom detection rules
and automated playbooks that reduce alert noise and improve Mean Time to Respond (MTTR)
Design and maintain robust data ingestion pipelines
Configure log collectors
manage API integrations
and ensure data parsing (regex/normalization) aligns with common schemas such as CIM or ECS
Produce high-quality architectural diagrams
standard operating procedures (SOPs)
and migration plans for senior leadership and technical stakeholders
How You'll Work.
Team & Collaboration
Collaborate closely with SOC analysts; Explain complex technical issues to non-technical senior management
Communication Scope
Fluent Cantonese communication ability; Basic English reading/writing capability; Proven ability to explain complex technical issues to non-technical senior management
Process & Methodology
Manage project progress, Ensure successful delivery
Full Job Description
Ensign is hiring ! **Role Overview** As **a Security Consultant** , you will be responsible for the architectural design, deployment, and seamless integration of complex security solutions within our regional infrastructure. This role acts as the technical bridge between initial deployment and long-term Security Operations Center (SOC) success. You will ensure that all security telemetry is properly ingested, normalized, and optimized to enable high-fidelity detection and automated response capabilities. **Key Responsibilities** * **Engineering & Deployment:** Lead the end-to-end integration of security platforms, including SIEM (e.g., Splunk, Elastic, QRadar), EDR, Security Gateway, and SOAR technologies. * **SOC Enablement:** Collaborate closely with SOC analysts to develop custom detection rules, dashboards, and automated playbooks that reduce alert noise and improve Mean Time to Respond (MTTR). * **Data Pipeline Management:** Design and maintain robust data ingestion pipelines. This includes configuring log collectors, managing API integrations, and ensuring data parsing (regex/normalization) aligns with common schemas such as CIM or ECS. * **Technical Documentation:** Produce high-quality architectural diagrams, standard operating procedures (SOPs), and migration plans for senior leadership and technical stakeholders. **Required Qualifications & Skills** * **Experience:** 3–5+ years in cybersecurity engineering, SIEM administration, or a similar technical integration role. * **Platform Expertise:** Proficiency in major security platforms. Preference for candidates with experience in Palo Alto Cortex XSIAM/XSOAR, Splunk Cloud, or Elastic Stack. * **Technical Proficiencies:** * Advanced scripting/coding skills (Python, Shell, etc.) for automation. * Proficiency in common Linux commands. * Deep understanding of the TCP/IP protocol stack, API (REST/JSON) integrations, and cloud infrastructure (Alibaba Cloud, AWS, or Azure). * Ability to independently troubleshoot c
Applying for this Security Consultant role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.
ANONYMOUS · UNFILTERED
What do employees actually say about Ensign?
Real rants from real employees. Read before you apply.