Security Engineer

The Security Engineer is responsible for designing, implementing, and maintaining security technologies that protect the organization’s IT and OT infrastructure. The role focuses on strengthening the security architecture, integrating security tools, improving detection capabilities, and supporting the Security Operations Center (SOC) in responding to cybersecurity incidents.Key ResponsibilitiesSecurity Architecture & EngineeringDesign, implement, and maintain security controls across enterprise IT and OT environments.Deploy and manage security technologies such as SIEM, EDR, firewalls, IDS/IPS, and network security monitoring tools.Engineer integrations between security platforms to improve detection and response capabilities.Enhance SIEM use cases, detection rules, and correlation logic.Integrate data sources such as firewalls, endpoint security solutions, network devices, and OT security platforms (e.g., Nozomi).Support SOC teams by improving threat detection capabilities and reducing false positives.Support investigation and containment of cybersecurity incidents.Develop automation and playbooks to improve response efficiency.Assist in forensic analysis and root cause investigation of security incidents.Security Tool ManagementManage and maintain security tools including:SIEM platformsEndpoint Detection and Response (EDR)Network Detection and Response (NDR)Firewalls and security gatewaysOT security monitoring platformsSecurity Hardening & Best PracticesImplement system hardening guidelines for servers, network devices, and endpoints.Support vulnerability management and remediation activities.Ensure security configurations align with industry standards and frameworks.Work closely with SOC analysts, network engineers, and IT teams to improve overall security posture.Support deployment of security controls in new infrastructure and systems.Provide technical expertise for security-related projects.Required QualificationsBachelor’s degree in Computer Science, Cybersecurity, Information Security, or related field.3–5 years of experience in cybersecurity engineering or security operations.Experience with SIEM platforms (Splunk, QRadar, Elastic SIEM, Sentinel, etc.).Experience with network security technologies (firewalls, IDS/IPS, VPNs).Knowledge of endpoint security solutions and EDR platforms.Experience integrating logs and data sources into SIEM platforms.Strong understanding of networking protocols and security architecture.Preferred QualificationsExperience with OT security platforms (Nozomi, Claroty, Dragos).Knowledge of threat detection engineering and security automation.Familiarity with MITRE ATT&CK framework.Experience with SOAR platforms and security automation.Security certifications such as:CEHCISSPGIACSecurity+Key SkillsSecurity engineering and architectureSIEM and detection engineeringIncident response and threat investigationNetwork and endpoint securitySecurity automation and scripting (Python, PowerShell, etc.)#J-18808-Ljbffr