SecurityEngineer(SIEM/SOAR)

GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U. S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk. Position Requirements: 3-5 years of architecture, implementation, and troubleshooting experience with one or more SIEM/SOAR solutions Proficiency developing log ingestion and aggregation strategies Expertise developing security-focused content for one more more SIEM platforms (Splunk ES, Crowdstrike NG-SIEM, Elastic Security, Palo Alto XSIAM, Google SecOps, Microsoft Sentinel, SentinelOne AI SIEM), including creation of complex threat detection logic and operational dashboards Expertise with SOAR platforms (Splunk SOAR, Palo Alto XSOAR, Tines, Torq) Familiarity with key security events on common IT platforms Deep proficiency in client and server operating systems including Windows, Mac, and Linux General networking and security troubleshooting (firewalls, routing, NAT, etc.) Scripting and development skills (BASH, Perl, Python or Java) with strong knowledge of regular expressions Ability to autonomously prioritize and successfully deliver across a portfolio of projects Preferred Requirements: Experience with platforms such as Ansible, Puppet, Chef, Terraform and SaltStack Experience with other Information Security solutions including CrowdStrike, SentinelOne, ZScaler, Palo Alto Networks, Check Point, Microsoft Defender products, Carbon Black, Splunk, and/or Cisco Experience authoring security runbooks, policy, and best practice documentation Bachelor’s degree in a relevant discipline or equivalent professional experience We use Greenhouse Software as our applicant tracking system and Zoom Scheduler for HR screen request