ABOUT the MAD SECURITY TEAM
At MAD Security, your passion for excellence and dedication to integrity can thrive. Every challenge is an opportunity to innovate, and every project is a chance to exceed expectations. As an esteemed team member, you're not just doing a job; you're making a difference in a culture that values hard work, accountability, and continuous growth. Be a part of a team where your efforts are recognized and celebrated, your integrity is cherished, and your professional development is a priority.
Position Overview
We seek a Senior Cybersecurity Engineer with proven experience in Security Operation Center environments, particularly within MSP or MSSP organizations. The ideal candidate is driven by a commitment to excellence and continuous improvement, with a strong focus on protecting our clients by simplifying complex cybersecurity challenges. This role requires extensive expertise in SOC operations, incident response, threat hunting, and vulnerability management.
As a Senior Cybersecurity Engineer, you will be part of a dynamic, multi-functional team that includes network engineers, cyber operations technical leads, cyber operations center managers, firewall engineers, and compliance management consultants. This role reports to the SOC Technical Lead and encompasses three key responsibilities:
- Client Support and Relationship Management: Provide expert cybersecurity guidance to clients, building trust and fostering partnerships to address their unique cybersecurity needs.
- Collaboration with Stakeholders: Engage in discussions and meetings with senior executives, Information System Managers, and Cybersecurity Specialists within MAD Security and externally.
- Objective Alignment: Contribute to achieving company goals monthly, quarterly, and annually.
We seek someone passionate about cybersecurity, capable of managing advanced SOC operations, and dedicated to driving meaningful results for our clients.
PRIMARY DUTIES and ESSENTIAL FUNCTIONS
- Master utilizing the technical tools and procedures used to manage the SOC
- Deep understanding of how SIEM / SOAR technologies function
- Experience in administrating and maintaining Elasticsearch
- Experience in problem-solving during incident response events
- Experience with planning and executing focused threat hunt operations
- Collaborate with all SOC experts to monitor, identify, and make notifications on cybersecurity matters to provide a holistic and seamless cybersecurity experience for the client
- Analyze, triage, aggregate, escalate, and report on client security events, including investigation of anomalous and malicious activity
- Perform correlation and trend analysis of security logs, network traffic, security alerts, events, and incidents
- Continuously work to improve SOC technologies to minimize false positives and maximize detection and prevention effectiveness
- Develop and track key performance indicators (KPIs) related to SOC operations to benchmark and further enhance capabilities
- Develop comprehensive and accurate reports and presentations for technical and executive audiences
- Design and conduct proof-of-concept tests to replicate third-party findings and propose solutions to resolve discovered security issues
- Communicate regularly with the team and with clients to proactively address concerns
REQUIRED QUALIFICATIONS
- Minimum six (6) years of experience in IT Security and / or Information Technology.
- Experience working in a Security Operations Center in an enterprise or managed services provider environment.
- Experience in an incident response, forensics, threat hunting, or incident investigation role in large-scale environments.
- A bachelor's degree in the following areas of study is preferred: Information Technology, Information Security / Assurance, Computer Science, or an equivalent combination of education and experience. A master's degree is a plus.
- Industry-recognized professional certifications such as CISSP, CASP, GCIH, GCFA, GNFA, GREM.
- Experience with industry security tooling in SIEM / SOAR platforms.
- Experience with Fortinet, AT&T AlienVault, Avanan, Preveil, Bricata, or Elastic is a plus.
Skills and Capabilities
- Strong problem-solving and critical-thinking skills. Ability to prioritize and execute autonomously.
- Ability to develop and manage cybersecurity projects.
- Ability to communicate effectively with all staff, management, and clients, orally and in writing.
- Ability to collaborate across the organization and operate effectively with multiple teams and solutions towards a shared goal.
- Strong understanding of the latest security principles and protocols.
- Strong understanding of security operations technologies, including SIEM and orchestration.
- Ability to tune correlation rules and outcomes via security information and event management (SIEM) and security orchestration, automation, and response (SOAR) platforms.
- Demonstrable working knowledge of emerging technologies and tactics used within a SOC or IR and how they are applied to improve efficiency and effectiveness.
- Understanding of tactics, techniques, and procedures associated with cyber threats, and the ability to develop relevant alerting, countermeasures, and threat-hunting techniques.