About
Core42 helps defend its clients from cyber-attacks through timely detection, investigation, and remediation of potential threats. We are looking for a talented Security Engineer and Architect to work in a fast-paced environment, driving enablement, performance, service maturity, and reliability of managed security services on physical and cloud platforms. This role will ensure the sound delivery of technical and onboarding projects, systems, and services, offering a mixture of project delivery, system integration, maintenance, and support around the complete CFC technology stack.
Responsibilities
- Develop and maintain security architecture frameworks, standards, and guidelines to ensure the confidentiality, integrity, and availability of information assets.
- Coordinate with various vendors, customer teams, and business stakeholders on design and setup activities at different stages of a technical project.
- Offer innovative solutions that meet business needs while remaining cost-effective.
- Identify and manage escalated faults, liaising with internal and third-party suppliers on major incidents and improvements.
- Prioritize work efforts dynamically to meet deadlines and work effectively with minimal supervision in a team environment.
- Install, configure, manage, maintain, and support tools hosted on Windows/Linux platforms.
- Compile and maintain necessary documentation of all system designs, builds, runbooks, and modifications.
- Monitor systems, identify/resolve issues, and prepare status reviews and reports while adhering to strict Service Level Agreements.
- Seek opportunities to identify tasks/processes that can support automation and increase operational efficiencies.
- Administer and implement the SIEM, EDR, SOAR, NDR, VAPT, and Azure technology stack.
- Troubleshoot complex technical issues related to tool functionality.
- Configure and maintain Azure Sentinel workspaces to optimize threat detection and analysis.
- Manage vendor support cases to ensure issues are recorded, tracked, and resolved in a timely manner.
- Perform regular security patching and application upgrades to mitigate potential threats and weaknesses in systems and applications.
- Collaborate with team members and stakeholders, clearly communicating work status and key issues to management.
- Continuously assess data coverage and areas for improving Azure Sentinel.
Essential Job Functions
- Administration and implementation of the SIEM, EDR, SOAR, NDR, VAPT, and Azure technology stack.
- Experience with industry-recognized SIEM solutions such as ELK, Sentinel, QRadar, ArcSight, Splunk, LogRhythm, etc.
- Advanced knowledge of Windows Server, PowerShell, Python, and other scripting languages.
- Integrate SOAR platforms with other security tools and APIs to execute automated workflows.
- Logging and auditing cloud infrastructure with Azure Sentinel and orchestration efforts.
- Advanced knowledge of Linux OS.
- Author, test, and maintain automation scripts/workflows within the SOAR platform.
- Technical troubleshooting and root-cause analysis of SOAR solutions.
- Experience with configuring and using automated monitoring tools such as FortiSOAR, Demisto, and Phantom.
- Ability to document processes and procedures clearly.
- Excellent written and oral communication skills.
Good to have
- Experience related to Operational Technology (OT), Industrial Control Systems (ICS), and/or IoT industries.
- Experience with various Cloud platforms, such as AWS, GCP, or Azure.
- Experience with artificial intelligence and machine learning technologies.
Qualifications
- BA/BS/BE or MS degree in IT, Computer Science, or equivalent required.
- 8+ years of experience in areas such as SIEM administration, Linux OS administration, networking, Windows OS, EDR, Sentinel, and NDR.
- 3+ years of experience with SOAR platforms such as FortiSOAR, Phantom, Cortex, XSOAR, Swimlane, etc.
- 2+ years of experience with the Microsoft Azure Sentinel stack.
- Relevant Azure certifications such as AZ-900, SC-200, SC-100, etc.
- Working knowledge of security-related scripting, Python, SOAP/REST APIs, JSON, HTML/CSS, JavaScript, XML, Go, Kusto/KQL, PowerShell.
- Experience with SOC SOPs, playbooks, work instructions, and/or other process documents.
- Relevant professional certifications in information technology or cloud security, e.g., CISSP, CCSP, TOGAF, SIEM Certifications, Azure certifications, etc.
- In-depth understanding of compliance and security controls and various industry standards (NIST, NESA, CIS, etc.).
- Strong understanding of computer science principles: algorithms, data structures, databases, operating systems, networks, and tool development.
- Knowledge of firewalls, VPN, intrusion detection and prevention systems, anti-virus, content filtering, URL filtering, and authentication solutions.
What we look for
We seek a performance-driven, inquisitive mind with the agility to adapt to ambiguity. Candidates should be eager to explore opportunities for meaningful collaborations with stakeholders and aspire to create unique customer-centric solutions. A bias for action and a passion to conquer new frontiers in the AI space is at the heart of the Core42 community.
What working at Core42 offers
- Culture: An open, diverse, and inclusive environment with a global vision that encourages personal growth and focuses on ground-breaking innovations.
- Career: Outstanding learning, development, and growth opportunities through structured training programs and innovative, high-tech projects.
- Work-Life: A hybrid work policy to strike the perfect balance between office and home.
- Rewards: A competitive remuneration package with perks including healthcare, education support, leave benefits, and more.
If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.