Remotery

Professional Services Engineer

at Corelight · United States · Full-time · Uncategorized · Mid-level · Senior · $180k – $214k/year

Posted Jun 21

This is a fully remote position, open to applicants in United States.

📋 Description

• Assist clients in enhancing their cybersecurity framework, focusing particularly on process optimization.

• Aid in the investigation of incidents.

• Provide education on the utilization of Zeek Logs, particularly in relation to Corelight Suricata alerts.

• Design and implement technical solutions in collaboration with ecosystem partners, such as packet brokers, asset managers, and SOAR systems.

• Execute queries and develop dashboards within SIEM platforms like Splunk, Elastic, and Humio.

• Influence clients and Corelight teams, establishing yourself as a technical authority.

• Conduct network-related testing to verify the proper operation of Corelight products.

• Carry out validation testing of Corelight products.

• Offer continuous, informal knowledge sharing.

• Collaborate with product management on product features and integrations.

• Engage with back-end tools such as Kafka and Logstash.

• Document the data importation process (MISP, Intel, etc.).

• Create custom content for threat hunting scenarios as specified by the client.

• Develop playbooks for SOC/IR workflow automation utilizing Corelight data.

• Prepare ad-hoc written summary reports regarding equipment and security issues upon request.

• Provide technical input for major service outage root cause analysis and corrective action reports.

• Lead project status meetings and wrap-up/post-mortem discussions.

• Some on-site work may be required.


⛳️ Requirements

• Must be a US Citizen.

• At least 5 years of experience in cybersecurity, with prior startup experience preferred.

• Extensive background in a SOC environment.

• Experience with Zeek/Corelight is advantageous.

• Relevant security and/or networking certifications.

• Proven expertise in Windows, macOS, Linux, and Unix operating systems, as well as IDS/IPS, network administration, firewall configuration, and a strong understanding of TCP/IP.

• Experience with SIEM tools, particularly Splunk, with others considered a plus.

• Proficient in some of the following scripting languages: Zeek, Bash, Python, Perl, and PowerShell.

• Strong presentation skills, with experience interfacing with SES/general officer-level management.


🏝️ Benefits

• Equity and additional benefits will also be provided.
