Security Engineer II, Elastic Stack MSS
Description
Proficio, a global Managed Security Services Provider (MSSP) and leader in Managed Detection and Response (MDR), provides always-on cybersecurity protection services. Our 24x7 security operations centers (SOC) help clients detect and respond to critical threats and prevent the risk of a security breach.
We are revolutionizing the way organizations meet their IT security and compliance goals by providing cutting edge managed, cloud-based security services — without the cost and complexity of acquiring sophisticated software or operating your own SOC.
Proficio's service offering includes:
- ProSOC is Proficio’s real-time security monitoring and managed security service. ProSOC security experts use industry leading SIEM technology to monitor, prioritize and respond to security alerts 24×7.
- ProSCAN is a highly accurate vulnerability management service protecting against security threats and automating compliance reporting and workflow.
- Proficio offers a range of consulting services including penetration testing, risk assessments and vulnerability analysis.
Proficio’s customers benefit from receiving highly cost-effective solutions ensuring the security, compliance, and performance of their networks and applications. See www.proficio.com for more.
Founded in 2010, Proficio is headquartered in Carlsbad, CA. We have a dedicated team of 130+ employees and a rapidly expanding customer base around the globe. Proficio was added to the Cybersecurity 500 list and awarded the CIOHONOUR award in the MSSP category in 2016.
We are seeking a Security Engineer II to serve as a technical resource and leader for our Elastic Search clients. This position has two components and supports both our team that onboards new customers and our MSS team that manages security devices for our customers.
Onboarding: this part of the position centers on security and availability of customer data as it is brought into the Proficio SIEM. The Security Engineer II will assist in working with new clients as they transition to our ProSOC service. This includes ensuring timely deployment of services, developing a personalized on-boarding strategy for each customer and auditing of systems reporting from the client to our Security Operation Center.
MSS device configuration/maintenance: this part of the position will help ensure delivery of our Elastic Stack Managed Security Services to meet or exceed the defined service levels of our clients. The Security Engineer II will respond to customer requests and act as a trusted technical resource for our clients while striving to maintain high reliability and performance within our customer’s environments. This position also includes managing and optimizing overall IT infrastructure and systems used in the delivery of our Managed Security Services.
- Assist in the onboarding and implementation of ProSOC service and Managed Security Services solutions for Proficio clients across industries and geographic locations.
- Act as a technical liaison between Proficio and its customers during the onboarding process.
- Review technical security posture (network, application, and database) for existing and newly acquired businesses or services. Specific to Elastic Stack, work will include deploying agents and managers in Wazuh and building clusters in Elastic utilizing x-pack.
- Perform security reviews and monitoring of the production environment.
- Perform the installation and configuration of security monitoring tools in support of our ProSOC service.
- Use out-of-the-box thinking as well as industry standard troubleshooting tools, such as Wireshark, TCPDUMP, and other tools, to facilitate on-boarding of customer data sources.
- Work with senior staff to evaluate client security devices and make recommendations based on industry standards for security configurations.
- Assist Proficio engineering team with tasks related to the review and development of Managed Security Services related processes and procedures.
- Assist senior staff when they provide Subject Matter Expert (SME) services related to Elastic Stack installations, engaging directly with clients to perform necessary research, answering questions and making recommendations based on industry standards and best practices.
- Participate in engineering team on-call rotation.
- A Bachelor’s degree in Information Systems, Business, Engineering, or a related field from an accredited institution OR equivalent experience
- 4-5+ years’ experience as a Network Engineer or Security Engineer working with a broad range of technologies
- Minimum 2+ years’ experience in Information Technology (IT) Security in a SOC or NOC environment working with a broad range of technologies highly preferred.
- Security certification required, such as Security+ and Network+. Security certifications such as SANS/GIAC, CISSP, CISA, CISM are a plus
- Basic Unix or Linux systems administration and command-line experience (Redhat/Linux, FreeBSD, etc.).
- Experience with Windows Server security logs.
- Knowledge of network analysis tools such as Wireshark, TCPDump and SCP.
- Knowledge of UNIX and Windows environments as may pertain to Network and Security tasks including syslog, DNS, load balancers and BIND, BigIP command line on BSD, Windows Event Log.
- Hands-on experience installing, configuring and administering Elastic nodes and clusters, applications and systems; SME capability in Elastic Stack specifically in Wazuh, Elastic, and x-pack; Beats is a plus.
- General understanding of SIEM operations highly preferred with HP ArcSight or Splunk (E or ES) experience as a strong plus
- Proficient with Linux (scripting in Bash or Perl is required and Python is a plus)
- Vendor certifications: Elastic Certified Engineer is required for this role
- Effective time and task management skills.
- Strong communications skills, both written and oral
- Ability to participate in on-call rotation for after hours and weekend escalations
- 1+ years’ experience with Elasticsearch SIEM tools including Wazuh, Elastic, x-pack, and Beats specific work
LOCATION & TRAVEL
This position is located in our Carlsbad office and requires less than 10% travel to customer sites. Limited remote work is available once fully trained on the duties and responsibilities of the role.
- Medical, Dental and Vision health plans and other benefits from day 1
- Weekly ProLunch, Game Room and fun employee activities!
- 401K plan
- Gym reimbursement
- Employee Assistance Program
- Life and Voluntary Life Insurance programs