Company Description:
Novawatch is a cybersecurity company based in Scottsdale, Arizona. Our mission is to dramatically improve companies' cyber resiliency using our team of highly trained security professionals and cutting-edge MDR technology solutions from our 24/7/365 Security Operations Center. Our suite of security services is easy to implement and manage, making us the ideal choice for organizations looking to secure their infrastructure against cyber threats.
Job Description:
We are seeking a highly skilled and motivated SIEM/EDR Security Engineer to join our team. The ideal candidate will be responsible for the deployment, configuration, and management of SIEM solutions for our clients. This role requires a deep understanding of security information and event management (SIEM) systems and endpoint detection and response (EDR) tools, as well as expertise in Active Directory, servers, networking, and operating systems.
Key Responsibilities:
- Deploy, configure, and manage SIEM solutions such as Rapid7 InsightIDR, Elastic, and Microsoft Sentinel for multiple clients.
- Integrate SIEM systems with various data sources, including servers, network devices, and applications.
- Develop and implement SIEM use cases and correlation rules to enhance threat detection capabilities.
- Collaborate with clients to understand their security requirements and tailor SIEM solutions accordingly.
- Perform regular health checks and maintenance on SIEM systems to ensure optimal performance.
- Deploy and manage EDR solutions, including CrowdStrike, Cortex, SentinelOne, and Defender for Endpoint.
- Provide technical support and troubleshooting for SIEM and EDR-related issues.
- Conduct security assessments and audits to ensure compliance with industry standards and best practices.
- Stay up-to-date with the latest security trends, vulnerabilities, and technologies.
Qualifications:
- Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent experience).
- Proven experience in deploying and managing SIEM solutions, such as Rapid7 InsightIDR, Elastic, and Microsoft Sentinel.
- Experience with EDR tools and technologies, including CrowdStrike, Cortex, SentinelOne, and Defender for Endpoint.
- Strong understanding of Active Directory, server management, networking, and operating systems (Windows, Linux).
- Proficiency in scripting languages (e.g., Python, PowerShell) for automation and customization.
- Solid knowledge of security best practices, threat landscapes, and incident response methodologies.
- Excellent problem-solving skills and the ability to work under pressure.
- Strong communication and interpersonal skills, with the ability to interact with clients and team members effectively.