Security Engineer SecEng Infra

About Us: 

Thrive is a rapidly growing technology solutions provider focusing upon Cloud, Cyber Security, Networking, Disaster Recovery and Managed Services.  Our corporate culture, engineering talent, customer-centric approach, and focus upon “next generation” services help us stand out amongst our peers.  Thrive is on the look-out for individuals who don’t view their weekdays spent at “a job”, but rather look to develop valuable skills that ignite their passion and lead to a CAREER.  If you’re attracted to a “work hard, play hard” environment, seeking the guidance, training and experience necessary to build a lucrative career, then welcome to THRIVE!! 

Position Overview: 

We are seeking a Security Engineer to join the Security Infrastructure team in managing and optimizing our security tools, with a primary focus on SIEM, EDR, NDR and related platforms. This role directly strengthens our security operations through expert management and optimization of these platforms. The ideal candidate will have hands-on experience deploying and managing EDR solutions to safeguard endpoints and implementing automated security responses. This role also requires expertise in customizing and automating client reports, ensuring robust API security, and analyzing data from various security tools for actionable insights. The Security Engineer will play a crucial part in client interactions, acting as an escalation point for the Security Engineering Support team, providing regular updates on security posture and findings. A meticulous approach to documentation and a proactive stance on staying abreast of the latest security trends are essential. This is an excellent opportunity for a detail-oriented and proactive individual who is passionate about cybersecurity and dedicated to enhancing client relationships. 

Primary Responsibilities: 

• Management of FortiSIEM, Elastic SIEM, Microsoft Sentinel and Defender XDR products, including their integration with existing tools, utilizing them to elevate existing Security Operations. 

• Manage Endpoint Detection and Response (EDR) solutions, specifically FortiEDR, SentinelOne, and Defender for Endpoint to identify and mitigate endpoint threats effectively. 

• Collaborate with other security teams to design and implement automated security use cases and playbooks to accelerate incident response and remediation. 

• Assist in overseeing the implementation and management of API security measures, ensuring secure data transmission and compliance with industry-standard API security protocols. 

• Collaborate with clients to develop, maintain, and automate reports using our existing security tools. These reports should effectively articulate incident metrics and trends to both technical and non-technical audiences. This role also includes automating the upload of these reports to the ServiceNow client portal. 

• Create and maintain materials documenting our security processes, procedures, and technologies, along with the generation of automated reports for relevant stakeholders. 

• Design and implement client reports, dashboards, and metrics, and manage response runbooks and walkthrough documents. 

• Stay informed about the latest security events and techniques to enhance our operations and defense strategies, 

• Other duties as required. 

Qualifications and Required Skills: 

• 3+ years of technical experience in the design, implementation, and management of security engineering systems. 

• Proven experience with FortiSIEM, Elastic SIEM, Microsoft Sentinel and Defender XDR products. 

• Strong background in SIEM management 

• Extensive experience in implementing and overseeing Endpoint Detection and Response (EDR) solutions. 

• Experience with SOAR tools and automated security response implementations. 

• Familiarity with API security protocols and measures. 

• Ability to analyze large amounts of data from various sources to solve complex problems and make informed decisions. 

• Proficiency in developing and automating client-facing reports. 

• Excellent communication skills for both technical and non-technical audiences. 

• Demonstrated understanding of cybersecurity threats and incident response procedures. 

• Knowledge of risk assessment tools, technologies, and methods. 

• Expertise in computer networking and security. 

• Passion for cybersecurity and continuous learning. 

• Must be able to work effectively in a team environment and collaborate within the team and with other stakeholders.