MEDR Threat Engineer

1 hour, 54 minutes ago
Full-time
Mid Level
DevOps and Infrastructure
Proficio

Proficio specializes in providing managed detection and response services, utilizing advanced technology and 24/7 security monitoring to protect medium to large organizations from cyber threats while ensuring compliance and bridging security gaps.

Professional Services
51-250
Founded 2010
$13M raised

Description

  • Act as the subject matter expert for initiatives that improve EDR visibility, detection, and prevention for Windows, macOS, and Linux.
  • Develop and enhance SOAR workflows and playbooks integrated with EDR systems for incident response and threat management.
  • Design and implement advanced automated orchestration solutions to address complex security challenges.
  • Define and maintain the strategy and roadmap for Carbon Black, CrowdStrike, and SentinelOne detection capabilities.
  • Collaborate with SOC and Managed/Hosted SIEM teams to analyze threat activity and attack trends.
  • Identify unmet customer needs, define use cases, and improve the functional capabilities of the MEDR offering.
  • Maintain and administer endpoint security management tools such as antivirus, DLP, and web/spam filtering tools.
  • Assist customers with viruses, system vulnerabilities, threats, detections, and incident response actions.
  • Create efficiencies and strategies to improve cyber incident detection and response.
  • Escalate detections, incidents, and alerts to customers through ITSM/ITIL tools.

Requirements

  • 4+ years of experience in IT in a professional work environment.
  • 3+ years of experience supporting enterprise EDR solutions through deployment, configuration, or maintenance.
  • Experience with CrowdStrike Falcon, Microsoft Defender, and/or SentinelOne required; Cisco Secure Endpoint and Sophos experience is a plus.
  • 3+ years of experience in EDR and/or antivirus, with malware and attack analysis, research, investigation, and response highly desirable.
  • 1+ years of systems administration experience, including troubleshooting, installation, monitoring, and security upgrades.
  • Knowledge of network security architecture concepts, including topology, protocols, components, and principles.
  • Knowledge of enterprise operating system configurations and management tools used for EDR deployment and administration.
  • SOC experience in incident response, vulnerability scanning, threat hunting, network monitoring/log management, or compliance management is preferred.
  • Experience with SIEM, TIPs, or network monitoring tools is preferred.
  • Experience triaging security events in a SOC and integrating cybersecurity data using tools such as Splunk and Elastic.

Benefits

  • Salary of $85K.
  • Peer training and mentoring with upward mobility.
  • Health, dental, and vision plans available starting the first month, with additional benefits available from day one.
  • Unlimited Flex Time Off.
  • 401(k) plan.
  • Gym reimbursement.
  • Employee Assistance Program.
  • Life and voluntary life insurance programs.
