Sr. Defender Engineer | Remote, USA

This position will be fully remote and can be hired anywhere in the continental U.S.

The Sr. Defender Engineer is responsible for post-sales product, service implementation and service delivery.  The Sr. Defender Engineers are responsible for completing assigned projects in a manner consistent with the team’s Operational Standard, which emphasizes the importance of providing exceptional customer service.   

How you’ll make an impact

• Develop, test, and deploy actionable high fidelity XDR detections to enable a world class Managed Detection and Response team

• Build and operate detection-as-code CI/CD pipelines

• Code reviews and testing to ensure high quality and high fidelity detections

• Threat research and threat hunting to identify emerging tactics, techniques, and procedures (TTPs) to build detection requirements using an intelligence driven approach

• Collaborate with Security Analysts to create playbooks for triage and response for actionable high fidelity detections

• Collaborate with SIEM architects to develop and define best practices for parsing data and normalizing data to a common event schema

• Build and maintain utilities and tools to enable the managed services team to operate quickly and at a large scale

• Develop and maintain processes and documentation

• Refer potential add-on sales opportunities to either account managers or solutions engineers.

• Maintain quality service by establishing and enforcing organization standards.

• Maintain professional and technical knowledge by attending educational workshops; reviewing professional publications; establishing personal networks; participating in professional associations such as ISSA.

• Obtain and maintain vendor certifications.

• Complete administrative project tasks like time and expense entry, status reporting, and project completion reporting.

What we’re hiring for

• 4+ years of experience as a detection engineer, security engineer, security analyst, threat intelligence analyst, or related field

• Knowledge of current cyber threats and how to detect them using SIEM and XDR technologies

• Advanced/Expert knowledge of Defender Suites (XDR, Endpoint, O365, Identity, VM, Cloud Apps, etc.)

• Currently holding Defender certifications (SC-100, SC-200)

• Experience working with SIEM solutions (Splunk, Sentinel, LogRhythm, etc.)

• Proven ability to code and script

• Ability to effectively communicate, mentor and tutor

• Detailed writing skills

• Ability to build relationships with and influence other functional areas

• Strong interpersonal skills

• Ability to manage multiple tasks in parallel

• Additional Endpoint technologies a plus (Crowdstrike, SentinelOne, PowerTech, Trend Micro etc.)

• Relevant industry certifications, i.e. (GCTI, GCDA, GDAT, etc)

• Hands-on experience with Linux and/or AIX operating systems. 

What you can expect from Optiv

• A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
• Work/life balance
• Professional training resources
• Creative problem-solving and the ability to tackle unique, complex projects
• Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
• The ability and technology necessary to productively work remotely/from home (where applicable)

EEO Statement

Optiv is an equal opportunity employer (EEO). All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, status as an individual with a disability, veteran status, or any other basis protected by federal, state, or local law.

Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities.  For additional details on how Optiv uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.