Triage Security Engineer 2

Arctic Wolf
Full-time
Remote
Australia
Software & Technology

As part of the Security Services team, the Triage Security Engineer (TSE) is a role that leverages your security expertise to identify, detect, and notify customers of security events ongoing within their environment. The TSE will be expected to have a deep knowledge of various threats and forms of attack while having demonstrated experience in highly technical security roles.

This role will have a high technical aspect and limited customer relationship function, in that you will be managing security incidents and working with Concierge Security Teams to provide the post-incident remediation activities.

Arctic Wolf TSEs are accountable for the detection and notification of security incidents to our customers.

As a Triage Security Engineer you will get to:

  • Analyze incoming security events based on different data points (network, endpoint, and log sources) expediently, consistently, and accurately
  • Prioritize incoming events exceptionally well
  • Run a security incident to completion: detect, work with team members, and communicate effectively with internal and external parties throughout the process
  • Steer complex investigations within your area of expertise, and leverage your security knowledge to engage the other experts within other disciplines appropriately
  • Prioritize task work according to understood and implied priorities
  • Conduct quality reviews on outgoing tickets, security engagements, and at a system level looking for areas of improvement
  • Contribute your security expertise using the development platform to elevate more precise signal with minimal noise
  • Coach and mentor other team members to share knowledge and expertise
  • Continuously broaden your security expertise and depth within a set competency

Arctic Wolf is a fast-growing company, and all TSE candidates should expect to work with many teams within Arctic Wolf, including engineering, operations, sales, marketing, and executive management. A positive can-do attitude is a must. A willingness to learn and continuous self-improvement is critical. An ability to deal with uncertainty is a positive.

We are looking for someone who might have:

  • 1+ years of industry experience in Information Security, Network Security, or Cyber Security roles
  • 1+ years additionally as a Network Admin, System Admin, Cloud Admin, or similar is strongly preferred
  • Deep technical competency in two (2) of the following:
    • Networking – common protocols, server/client infrastructure, routers, switches, WAPs, etc
    • Perimeter – firewalls, IDS, IPS, UTM, WAF, Gateways, Proxies, Mail Servers, etc
    • Authentication – AD, SSO, MFA, etc
    • IaaS – cloud services, AWS, Azure, GCP
    • End Point – MDM, EDR, EPP, AV
    • SaaS – collaboration tools including O365, GSuite, Box, Salesforce, Workday, etc
  • Experience working in a Security Operations Center, security incident response teams, or in roles with security forensics or malware analysis disciplines
  • Ability to analyze log and system data from the above list and other IT systems
  • Knowledge of one or more scripting tools and languages such as Python, Bash, and PowerShell
  • Great writing and speaking skills
  • A positive “can-do” attitude
  • A willingness to learn and continuous self-improvement
  • There are no specific degree or certification requirements but degrees in engineering or technology are a plus. Any security or IT certification such as CISSP is also positive.