Job Closed

This listing is no longer active.

Reinsurance Group of America, Incorporated logo
Reinsurance Group of America, Incorporated

Trusted Partner. Proven Results.

Staff SOC Engineer – Security Telemetry, Detection Platforms

Security OperationsSecurity OperationsFull TimeRemoteLeadTeam 1,001-5,000Since 1973H1B No SponsorCompany SiteLinkedIn

Location

Missouri

Posted

66 days ago

Salary

$126.7K - $188.8K / year

Seniority

Lead

Bachelor Degree6 yrs expEnglishAWSAzureCloudSplunk

Job Description

Staff SOC Engineer – Security Telemetry, Detection Platforms

Reinsurance Group of America, Incorporated

• administer and engineer improvements to enterprise security telemetry and detection platforms—including Splunk Cloud, Cribl Cloud, CrowdStrike Falcon, and Tines • implement secure by default telemetry patterns and logging standards across operating systems, cloud, and network data sources • design, build, and maintain Cribl Cloud pipelines for secure, cost managed, and high throughput log routing • engineer Splunk Cloud content with an emphasis on signal quality, performance, and SLO/KPI driven cost control • define and maintain role-based access controls (RBAC) • contribute to integration and automation across SOC tooling and enterprise systems • participate in incident response by developing targeted searches, conducting log analysis, and identifying root causes

Job Requirements

  • 6+ years of progressive experience in security/infrastructure engineering or SOC engineering focused on SIEM/EDR, telemetry pipelines, and detection content
  • relevant platform certifications (e.g., Splunk Core/Cloud, Cribl Certified Observability Engineer, CrowdStrike CCFA/CCFR) – Preferred
  • security certifications (e.g., CISSP, GSEC, GCDA, Cloud+) – Preferred
  • demonstrated success deploying and operating Splunk Cloud, Cribl Cloud, and CrowdStrike Falcon at enterprise scale
  • hands-on experience engineering data ingestion pipelines and normalizing logs from operating systems, AWS, Azure, and network sources
  • strong technical background and tacit understanding of detection engineering, OCSF modeling, SPL optimization, CIM mapping, and content tuning to reduce ingest volume and improve signal to noise
  • proven ability to collaborate across security operations, architecture, infrastructure, and product teams

Benefits

  • health, retirement, and other employee benefits
  • annual bonus plan
  • long-term equity incentive plan

Related Categories

Related Job Pages

More Security Operations Jobs

Rapid7 logo

Security Operations Analyst

Rapid7

At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what’s possible and drive extraordinary impact. We’re building a dynamic and collaborative workplace where new ideas are welcome. Protecting 11,000+ customers against bad actors and threats means we’re continuing to push the envelope - just like we’ve been doing for the past 20 years. If you’re ready to solve some of the toughest challenges in cybersecurity, we’re ready to help you take command of your career. Join us.

Full TimeRemoteTeam 1,001-5,000Since 2000H1B Sponsor

Job Description We are seeking someone with a passion for cyber security to join our team. As a Security Operations Analyst with Rapid7 you will work with a combination of tools and Rapid7's command platform to investigate and triage security events. Working with Rapid7's Global Security Operations team is an ideal opportunity to gain a deep understanding of threat detection and response. As part of this team you will be in the best position to develop the skills needed to build a career in cyber security. About the Team Our Information security team is tasked with enhancing our security posture and elevating customer confidence in Rapid7 products and services. Together, we lead the effective delivery of business outcomes, and program maturation through standardization and iterative improvement. As part of our team, you'll work with highly engaged and capable colleagues to build and implement complex, cross-functional initiatives that secure our business, our employees, and our customers. About the Role As a Security Operations Analyst, your core daily function will be the review of alert data to pinpoint malicious activity within the Rapid7 environment. You will have the authority to lead and drive these investigations, which span the entire lifecycle from evidence collection and analysis to determining the initial intrusion vector and identifying all associated malicious or unexpected activity. A critical output of your investigation will be the creation of an Incident Report, documenting your technical analysis, findings, and recommended remediation steps. You will operate within a supportive team environment, with fellow analysts, including Senior and Lead Analysts, available for consultation and assistance whenever you encounter challenges or have questions. A Security Operations Analyst is also involved in proactive threat identification through rotational threat hunting activities, which aim to uncover unknown threats within the Rapid7 environment. Furthermore, in the event of a security incident escalating to a formal Incident Response engagement, the Analyst may be assigned investigation duties. These duties primarily involve assisting the team in tracking threat actor movements across the environment by meticulously analyzing forensic artifacts. In this role, you will: - Contribute to a global Security Operations team. - Provide high-quality threat detection services. - Lead or support incident response investigations for Rapid7. - Help document and implement knowledge of current attack methodologies. - Conduct research to enhance threat detection capabilities and reinforce brand reputation. - Offer ongoing feedback to Rapid7's product development teams. The skills you'll bring include: - 1-3 years of experience within cyber security operations - Strong problem-solving ability, critical thinking skills, and ingenuity. - A passion for cybersecurity, coupled with a keen curiosity and eagerness to learn. - Required familiarity with MacOS, Windows, and/or Linux operating systems. - Essential experience using Security Information and Event Management (SIEM) tools, such as the Rapid7 command platform or Splunk, or comparable platforms. - Experience in common Security Operations Center (SOC) functions, including but not limited to, incident response, threat hunting, detection engineering, malware analysis, or forensic investigations (network and endpoint). - The aptitude to identify areas for process improvement and successfully implement solutions. We know that the best ideas and solutions come from multi-dimensional teams. That's because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don't be shy - apply today. #LI-TD1 About Rapid7 At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what's possible and drive extraordinary impact. We're building a dynamic and collaborative workplace where new ideas are welcome. Protecting 11,000+ customers against bad actors and threats means we're continuing to push the envelope just like we' ve been doing for the past 20 years. If you 're ready to solve some of the toughest challenges in cybersecurity, we're ready to help you take command of your career. Join us. Rapid7, Inc. is committed to fair and equitable compensation practices. A candidate's salary is determined by various factors including, but not limited to, relevant work experience, skills, and certifications. We evaluate compensation decisions on a case-by-case basis, and it is not typical for an individual to be hired at the very top of the salary range. The salary range for this role in the US is: $81,500.00 - 110,300.00 USD Annual Salary ranges may vary based on geographical location. This range does not include variable/incentive compensation, equity and benefits (where applicable/eligible). All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or any other status protected by applicable national, federal, state or local law.

United States
$81.5K - $110.3K / year
Job Closed
Delinea logo

Security Operations Analyst

Delinea

Delinea, Inc. is a leading privileged access management solutions provider that helps make security a seamless experience for the modern, hybrid enterprise. The

Role Description Delinea’s Cybersecurity organization is seeking a skilled Security Operations analyst with experience working within a distributed security operation center. This role will be engaged in actively enhancing the security monitoring of Delinea systems, while responding to security alerts and incidents. The successful candidate will be able to adeptly identify, investigate, and prioritize security events of diverse systems to protect Delinea. This position will report to the Security Operations Manager and will work remotely based in the Philippines with working hours from 9 AM to 5 PM Manila Time. There will be a requirement to shift working hours twice a month to attend team meetings. What You’ll Do - Monitor Delinea security platforms to identify, investigate, and respond to security events. - Lead cross-functional response coordination for security incidents. - Develop, design, and implement security operations enhancements to reduce risk. - Work with other business areas to enhance security and provide security awareness. - Research, evaluate, and implement security products and services as directed by security management. Qualifications - 3+ years of hands-on experience in a Security Operations (SOC) role. - Demonstrated working experience at the enterprise level with security information and event management, endpoint detection and response, network detection and response, vulnerability management, threat intelligence, security awareness, data loss prevention, firewalls, and email security. - Experience developing security alerts from logs and events to identify anomalies. - Experience responding to security incidents to mitigate risk. - Strong customer service and ability to explain complex technical subjects to internal customers. - Proficient in spoken and written English. Requirements - Security and/or technical industry certifications (ISC2, GIAC, EC-Council, ISACA, CompTIA, Cisco, Microsoft). - Experience with digital forensic, privileged access management, and penetration testing tools. - Experience with developing security awareness activities, procedures. - Experience working within common regulatory and statutory requirements (GDPR, CCPA, SOC2, ISO 27001, NIST). Benefits - Competitive salaries. - Meaningful bonus program. - Excellent benefits, including healthcare insurance. - Pension/retirement matching. - Comprehensive life insurance. - Employee assistance program. - Time off plans. - Paid company holidays.

Philippines
Full TimeRemoteTeam 51-200Since 1998H1B No Sponsor

• The individual performs monitoring, research, assessment, and analysis of internal and customer environments in relation to patch management. • Applying OS level patches for internal and customer environments using IBM BigFix. • Create and maintain vulnerability and patch reports internally and for customers • Collaborate with client technical teams for issue resolution and mitigation. Help remediate security issues by interfacing with internal/external customer teams and other tool vendors. • Perform log analysis, and communicate clearly regarding the results of log analysis, use of IDS, IPS, and/or other signature technology. • Manage and maintain the log management and threat analysis solution.

Iowa
$20 - $21 / hour
Job Closed
Full TimeRemoteTeam 10,001+H1B Sponsor

• Develop and manage internal and external sales relationships • Build and implement account / marketing plans for account penetration • Generate a sales pipeline and accurately forecast pipeline • Achievement of agreed quarterly sales goals • Collaborate with Regional Sales Managers and Regional Systems Engineers • Establish yourself as a trusted advisor to prospects and customers

Canada
Job Closed