Security Engineer

Dahl Consulting
Brooklyn Park, United States of America
yesterday

Role details

Contract type
Temporary contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
$ 188K

Job location

Remote
Brooklyn Park, United States of America

Tech stack

Java
Big Data
Databases
Data Validation
DevOps
Elasticsearch
GitHub
Hadoop
Hive
Intrusion Detection and Prevention
Python
PostgreSQL
Linux System Administration
Logstash
Ansible
Runbook
SSL Certificate Management
Data Logging
Google Cloud Platform
System Availability
Grafana
Spark
Spring Boot
Kubernetes
Kafka
Casper Suite
Data Management
Vertica
Kibana
Terraform
API Management
Docker
Jenkins

Job description

We are partnering with a large, enterprise-scale organization in the retail and consumer services industry to identify a Security Engineer to support and evolve their endpoint security and observability platforms. This role sits within a highly visible security engineering function responsible for safeguarding systems used by tens of thousands of employees and devices. The ideal candidate is hands-on, operationally strong, and comfortable supporting production security tooling in a fast-paced environment. This is a hybrid role with onsite work on Tuesdays and Wednesdays, and remote work the remaining days.

As a Security Engineer, you will be responsible for the day-to-day operation, reliability, and continuous improvement of endpoint security tooling and supporting infrastructure. You will partner closely with incident response, detection engineering, and platform teams to ensure telemetry, detections, and response mechanisms are operating effectively. Key responsibilities include:

  • Operating and supporting endpoint security platforms such as Tanium, CrowdStrike Falcon, and Jamf Protect
  • Performing incident triage, escalation, and operational response for endpoint-related security events
  • Managing configuration requests, detections, exclusions, and platform changes in production environments
  • Supporting endpoint telemetry and logging pipelines (e.g., Logstash, Beats) and troubleshooting ingestion or data quality issues
  • Maintaining and improving Linux-based systems that underpin security tooling
  • Developing Python-based automation and scripts to streamline operational workflows and API integrations
  • Supporting platform upgrades, migrations, and agent lifecycle management
  • Creating and maintaining runbooks and technical documentation to support operational readiness
  • Monitoring platform health, reliability, and observability using metrics and dashboards

Requirements

  • Hands-on experience operating endpoint security platforms, with strong proficiency in at least one of the following:
      • Tanium (preferred)
      • CrowdStrike Falcon
      • Jamf Protect (day-to-day operations, policy management, agent health, troubleshooting)
  • Experience supporting production security tooling environments, including:
      • Incident triage and escalation
      • Request management (detections, exclusions, configuration changes)
  • Experience with endpoint telemetry, logging, and observability, including:
      • Security logging
      • Logstash / Beats pipelines (Auditbeat or similar)
      • Elastic Logstash
      • Apache Kafka
      • Data validation, ingestion troubleshooting, and metrics analysis
  • Strong Linux systems administration skills, including:
      • Host-level troubleshooting
      • System logs, process behavior, and performance analysis
  • Experience with scripting and automation using Python, including:
      • Automating operational tasks
      • API integrations for reporting and systems management
  • Experience supporting platform upgrades and migrations for endpoint agents or logging infrastructure
  • Familiarity with:
      • Platform reliability and monitoring
      • Telemetry and observability tools such as Grafana and Telegraf
  • Experience using:
      • GitHub for version control
      • Postgres databases
      • Certificate management
  • Ability to develop and maintain runbooks and technical documentation

Preferred

  • Experience improving detection quality, including:
      • Alert tuning and false-positive reduction
      • Validation using test or synthetic events
  • Familiarity with endpoint detection and response (EDR) workflows, including:
      • Threat response actions
      • Behavioral or memory-based detection concepts
  • Experience with observability and data platforms such as:
      • Elasticsearch / Kibana
      • ClickHouse
  • Exposure to DevOps and infrastructure tooling, including:
      • Ansible, Chef
      • Terraform, Jenkins
      • Docker, Kubernetes
  • Experience with big data technologies:
      • Apache Hadoop, Hive, Spark ecosystem
  • Familiarity with Google Cloud infrastructure and security
  • Experience with Java and Spring Boot
  • Exposure to Velociraptor for incident response

Benefits & conditions

Dahl Consulting is proud to offer a comprehensive benefits package to eligible employees that will allow you to choose the best coverage to meet your family's needs. For details, please review the DAHL Benefits Summary: .
