Cyber Engineering Consultant

We are seeking a highly skilled Resident Engineer to join a Professional Services team as part of a Extended Expertise program. In this role, you will work closely with customers to ensure successful deployment, operationalization, and adoption of our SIEM/ SOAR platforms. This is a hands-on, customer-facing position requiring deep technical expertise and strong communication skills. An active Top Secret Clearance is required.

Key Responsibilities:

• Deployment & Operationalization: Lead the implementation and configuration of Security solutions in protected environments.
• Troubleshooting & Support: Diagnose and resolve technical issues related to endpoint security, networking, and system performance.
• Training & Enablement: Deliver training sessions and documentation to empower customers to maximize product value.
• Incident Response Expertise: Provide guidance based on experience as a Security Incident Responder or SOC analyst/manager.
• Customer Success: Analyze customer requirements and provide strategic guidance to accelerate time-to-value and ensure successful product adoption.
• Product Expertise: Act as a Subject Matter Expert (SME), collaborating with product and engineering teams to optimize customer outcomes.
• Threat Hunting & Detection Engineering: Develop and tune alerts, create custom BIOCs, and correlation rules for new log sources.
• Continuous Engagement: Drive product adoption by introducing new features and innovative use cases.

Required Skills & Experience:

• Proven experience in SIEM, SOAR, and EDR deployment, operationalization, and troubleshooting.
• Background as a SOC analyst or Security Incident Responder.
• Strong understanding of cloud technologies (AWS, Azure, GCP) and their security use cases.
• Networking fundamentals: TCP/IP, OSI Model, troubleshooting, and analysis.
• Familiarity with machine learning applications in cybersecurity.
• Experience with enterprise security products, processes, and ecosystems.
• Hands-on experience with SIEM tools (e.g., Splunk) and XDR platforms.
• Ability to develop and maintain scripts in Python or PowerShell.
• Proficiency in query languages (XQL, SQL) and log ingestion/parsing.
• Basic Linux administration and troubleshooting skills.
• Familiarity with XDR APIs and integration workflows.
• Strong communication skills and experience in customer-facing roles.

Preferred Qualifications:

• Experience with threat hunting, detection engineering, and custom rule development.
• Knowledge of model-based development tools and automation.
• Familiarity with machine learning-driven detection in cybersecurity.

Compensation:

• $125,000 - $150,000 (Unlimited PTO, 401k plan, Cigna benefits)

Keywords:

Endpoint Protection, XDR, SIEM, Splunk, SOC Analyst, Security Incident Response, Threat Hunting, Detection Engineering, BIOCs, Log Parsing, XQL, SQL, Python, PowerShell, Linux Administration, TCP/IP, OSI Model, Cloud Security (AWS, Azure, GCP), Machine Learning in Cybersecurity, Networking, Cybersecurity Ecosystem, Customer Success, Product Adoption, API Integration, Professional Services, Resident Engineer