Remote Opening || Cyber Security Engineer with CISM/CISSP & Azure Sentinel || Contract.

Job Title: Security Engineer with CISM/CISSP & Azure Sentinel Location: Remote- USA Mode of Hire: Contract Job Description:

• CISM/CISSP certified
• Azure Sentinel Implementation experience. Adding the specific tools to look for ,
• Firewalls: Sonic Wall, Cisco Meraki
• EDR: arenaflex Defender & XDR
• SIEM: Azure Sentinel
• Email Security: Proofpoint / M365 Security
• VAPT - Tenable Io, Nessus and Rapid 7 Experience: 7 10+ years Reports To: Security Architecture Lead Role Summary We are seeking a highly skilled Senior Security Engineer (Level 3) to design, implement, and optimize our enterprise security controls. This role requires deep technical expertise in firewalls, endpoint detection & response (EDR), SIEM engineering, and email security platforms. The ideal candidate will act as a technical SME, lead advanced threat analysis, support incident response, and guide junior engineers. Key Responsibilities: 1. Firewall Engineering & Network Security
• Architect, configure, and maintain enterprise firewalls (Palo Alto / Fortinet / Cisco / Check Point).
• Create, review, and optimize security policies, NAT rules, segmentation, and zero-trust network zones.
• Perform firewall upgrades, log analysis, policy audits, and change management.
• Lead troubleshooting of advanced network security issues (L3/L4/L7).
• Integrate firewall telemetry with SIEM and automation platforms. 2. Endpoint Detection & Response (EDR)
• Serve as SME for EDR platforms (CrowdStrike, SentinelOne, arenaflex Defender, Carbon Black, etc.).
• Tune detection rules, behavioral analytics, and response playbooks.
• Manage EDR deployments, health checks, version upgrades, and agent monitoring.
• Analyze suspicious endpoint activity, malware behavior, lateral movement attempts, and persistence methods.
• Collaborate with IR team for endpoint containment and forensic investigations. 3. SIEM Engineering & Log Analytics
• Own SIEM platform engineering (Splunk / MS Sentinel / QRadar / Elastic).
• Build and tune correlation rules, dashboards, parsers, and automated threat response workflows.
• Onboard new log sources (firewalls, servers, EDR, cloud services, UBA, email gateways).
• Conduct threat hunting using SIEM, UEBA, and network telemetry.
• Improve detection coverage based on MITRE ATT&CK and past incidents. 4. Email Security & Messaging Protection
• Manage secure email gateways (Proofpoint / Mimecast / arenaflex Defender M365).
• Implement DMARC, DKIM, SPF, anti-spam, anti-phishing, URL rewriting, and attachment sandboxing.
• Investigate phishing campaigns, BEC attempts, malware attachments, and credential harvesting.
• Tune policies to reduce false positives and increase threat visibility. 5. Incident Response & Threat Analysis
• Act as L4 escalation for major incidents across endpoints, email, network, and cloud.
• Perform deep-dive analysis including packet captures, log correlation, malware triage, and kill chain mapping.
• Support threat hunting, threat intel integration, and adversary behavior analysis. 6. Security Architecture & Hardening
• Recommend architecture improvements for network segmentation, endpoint hardening, and identity security.
• Perform risk assessments, vulnerability reviews, and security control validation.
• Lead technical evaluations for new security technologies and vendors.
• Contribute to zero-trust architecture planning and implementation. 7. Automation, Integrations & Documentation
• Use scripting (Python, PowerShell, Bash) to automate repetitive tasks and log parsing.
• Integrate security tools with SOAR platforms.
• Create runbooks, design documents, diagrams, and engineering-level documentation.
• Mentor junior security engineers and provide L3/L4 engineering guidance. Required Qualifications:
• 7 10+ years of experience in security engineering or SOC engineering.
• Advanced experience with:
• Firewalls: Palo Alto / Fortinet / Cisco / Check Point
• EDR: CrowdStrike / SentinelOne / Defender
• SIEM: Splunk / Sentinel / QRadar / Elastic
• Email Security: Proofpoint / Mimecast / M365 Security
• Strong understanding of TCP/IP, DNS, TLS, VPN, routing, switching, and network protocols.
• Deep knowledge of threat detection, malware analysis fundamentals, and adversary TTPs.
• Experience with MITRE ATT&CK, NIST, CIS controls, and enterprise security frameworks.
• Strong scripting knowledge (Python/PowerShell preferred).
• Experience in cloud environments (AWS / Azure / GCP) preferred. Preferred Certifications:
• CISSP
• CCSP
• Palo Alto PCNSE or equivalent
• GIAC GCIA / GCIH / GCED / GCFA
• arenaflex SC-200 / SC-300
• CrowdStrike or SentinelOne certifications Apply tot his job

Apply tot his job Apply To this Job