
Senior Cloud Security Engineer

Remote: Full Remote
Contract: 
Salary: 145 - 165K yearly
Experience: Senior (5-10 years)
Work from: 

Offer summary

Qualifications:

  • 5+ years of experience in Cloud Infrastructure, Security and Networking
  • 5+ years of experience in cloud networking technologies (AWS, Azure, GCP)
  • Expert knowledge of SIEM, DLP, EDR, WAF
  • Experience with SIEM/SOAR detection and automation use cases
  • Certifications like GSEC, GCIA, CISSP or CISM

Key responsibilities:

  • Manage and guide security technologies across the organization
  • Collaborate with teams for operational support of multiple security tools
  • Lead attack simulation tests to validate detection capabilities
  • Develop threat detection and automated remediation use cases
  • Maintain playbooks and documentation for security response
Stretto
201 - 500 Employees

Job description

Position Summary

The Senior Cloud Security Engineer is responsible for the global management and operations of DLP, SIEM, Endpoint Protection, EDR, and WAF/DDoS tooling across the enterprise. This role focuses on threat detection work and requires expertise in detection as it relates to cloud, network and application security. The Engineer also develops new security detection use cases to detect and prevent penetration, fraud and abuse within Stretto products. This position reports to the VP, Infrastructure and is a key role within Stretto’s IT organization.

Essential Duties and Responsibilities

  • Manages and provides expert level guidance on configuring WAF, SIEM, EDR, DLP and other security technologies across the enterprise environment.
  • Collaborates closely with engineering teams across the organization to provide operational support for WAF, Bot Management, and DDoS protection.
  • Leads attack simulation tests to validate that detection use cases are identifying attack patterns within on-prem and cloud systems.
  • Develops threat detection and automated threat remediation use cases utilizing SIEM and other technologies.
  • Develops and advances security tooling in-house to detect and respond to custom use cases.
  • Collaborates with the Enterprise Security team to continuously improve cybersecurity capabilities in identification, management, and response to threats in the most efficient and effective manner.
  • Manages, administers, and improves security monitoring products for WAF, SIEM, DDoS protection, and other industry standard security technologies.
  • Leverages Threat Intelligence and performs threat hunting activities to identify compromised accounts and systems with EDR and other technologies.
  • Proposes and helps review security plans and policies to improve the organization's security posture.
  • Maintains operational playbooks, diagrams, and documentation for security detection and response.
  • Reviews proposed security deployments to ensure security monitoring requirements are met.
  • Other duties may be assigned as needed to address new security threats facing the enterprise.
  • Utilizes MITRE ATT&CK and industry standard frameworks to build and test detection use cases.
  • Provides off-hours support as needed for security administration, detection, and response activities.

Education and/or Work Experience Requirements

  • 5+ years of experience in Cloud Infrastructure, Security and Networking
  • 5+ years’ experience in cloud networking (public, private and hybrid/multi-cloud) technologies, particularly in the context of AWS, Azure and GCP.
  • 5+ years of related Security Engineering experience required
  • Expert level knowledge of SIEM, DLP, EDR, WAF, Web Security, DDoS protection, data analytics, and Bot Management
  • Experience with developing SIEM/SOAR detection and automation use cases.
  • GSEC, GCIA, GFE, GCFA, CISA, CISSP, CISM, or CIA certification(s)

The annual salary for this role is currently $145,000.00-$165,000.00. The Company’s salary ranges are determined by role, level, location and alignment with market data. Individual pay is determined through interviews and an assessment of various factors, including job-related skills, relevant education and experience, abilities of the applicant and equity with other team members.  The salary range listed here is subject to change at any time, at the Company’s discretion, and does not alter in any way the at-will nature of the employment relationship.

Stretto offers a competitive and comprehensive benefits package, along with opportunities for growth. We are an equal opportunity employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender, age, religion, disability, sexual orientation, veteran status, marital status or any other characteristics protected by law.

Required profile

Experience

Level of experience: Senior (5-10 years)
Spoken language(s): English

Other Skills

  • Collaboration
