Security Architect

TechNix LLC
Columbia, United States of America
3 days ago

Role details

Contract type
Temporary to permanent
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Remote
Columbia, United States of America

Tech stack

Microsoft Windows
ARM
Bash
Computer Security
Linux
Intrusion Detection and Prevention
Python
Powershell
Security Information and Event Management
Mitre Att&ck
Information Technology

Job description

The position will work as a consulting Detection engineer within the Division of Information Security. This role will focus on creating, tuning, and maintaining new and existing detection rules within the State monitoring environment. Engaging directly with state agencies to promote, support, and improve adoption of centralized security services is a key focus. The engagement is expected to be needed for 12 months with the possibility of extension., * Review and tune current detection rules within the State SIEM.

  • Perform Gap analysis of the current detection coverage.
  • Develop detection rules/solutions to cover found Gaps.
  • monitor threat intelligence sources for new use cases.
  • Work with State SOC analysts to create and tune rules.
  • Work with the State Threat Hunter to identify and remediate detection coverage gaps.
  • Document processes, runbooks, and troubleshooting steps related to the SOAR and integrations.
  • Coordinate with engineering, SOC, and agency staff as needed to meet goals.

Other duties as needed

Requirements

  • Proven experience with detection tuning/development..
  • Experience with dashboard creation and reporting.
  • Excellent communication and customer service skills for agency-facing engagement.
  • Experience in working in multi-tenancy environment
  • Experience in multi-agency or enterprise service projects.

Required Education/Certifications:

  • BACHELOR'S DEGREE IN AN INFORMATION TECHNOLOGY OR INFORMATION SECURITY RELATED FIELD
  • EIGHT YEARS OF RELEVANT WORK EXPERIENCE MAY BE SUBSTITUTED IN LIEU OF EDUCATION
  • FIVE YEARS OF EXPERIENCE IN SUPPORTING LARGE IT ENVIRONMENTS AND/OR SYSTEM DEPLOYMENTS
  • 5+ years of Strong scripting and automation skills (Python, Bash, PowerShell, or similar).
  • Understanding of Sigma, YARA, and other industry standard detection languages.
  • Familiarity with MITRE ATT&CK framework

Preferred Skills

  • Experience with the Palo Alto Cortex XSIAM platform.
  • Deep understanding of Windows/Linux artifacts.

Preferred Education/Certifications:

  • CISSP, CISA, CISO or equivalent advanced security certification.
  • Additional relevant certifications (e.g., CEH, OSCP, GPEN).
  • VENDOR CERTIFICATIONS IN DETECTION ENGINEERING.
  • Resource is local to Columbia, South Carolina or a surrounding city in South Carolina

Apply for this position