MEDR Threat Engineer US work hours

Overview Proficio is an award-winning MDR services provider. We provide 24/7 security monitoring, investigation, alerting and response services to organizations in healthcare, financial services, manufacturing, retail and other industries. Proficio has been highlighted in Gartner’s Market Guide for Managed Detection and Response Services for the last five consecutive years. MSSP Alert ranks Proficio among the top 250 global Managed Security Services Providers (MSSPs). We have a track record of innovation. Proficio invented the concept of SOC-as-a-Service. We were the first MSSP to provide automated response services and are the only company in our space with a patent for cyber risk scoring and security posture gap analysis. Our typical client is a medium to large-sized organization that lacks the in-house resources to address the challenges of a rapidly changing threat landscape. The difficulty of hiring and retaining cybersecurity professionals is widely understood. Our prospective clients are also challenged to effectively harness technology and build hardened processes that reduce the risk of security breaches. While Proficio has developed a unified service delivery platform designed to meet the needs of the most demanding clients, what sets us apart is the quality and passion of our people. We believe the SOC of the Future will meld the creativity of human intelligence with the power of advanced technologies like AI. Proficio’s commitment to developing and promoting our team members is unparalleled in our industry. Most of our senior managers were promoted from within. Summary The Managed Infrastructure Services team is seeking an experienced MEDR Threat Engineer who is technical, collaborative, and truly excited about working on endpoint products. In this role, you will bring your in-depth knowledge of the endpoint and detection response tasks to help guide the evolution of Proficio's Managed EDR visibility, detection, and prevention technologies. You will work closely with engineering, project managers, Hosted & managed SIEM team, sales, and other departments. You will bring existing knowledge about product EDR best practices and apply them in delivering significant new features and enhancements. The successful candidate will have the ability to interface and influence cross-functional teams throughout the company. Responsibilities Act as the SME for initiatives that enhance EDR visibility, detection, and prevention for Windows, macOS, and Linux Develop and enhance SOAR workflows and playbooks, integrating them with EDR systems for more effective incident response and threat management Innovate and implement sophisticated SOAR solutions, including custom automated workflows and orchestration that address high-level security challenges Define and maintain strategy and roadmap for Carbon Black and CrowdStrike, and Sentinel One’s Detection functionalities with other team members, and other departments Collaborate closely with SOC, Managed/Hosted SIEM team to understand threat and attack trends Utilize strategic insight and organizational skills to identify unmet customer needs, define use cases, and advance the functional capabilities of this offering Maintain, administer and provide end point security management tools (anti-virus, data loss prevention, web/spam filtering, etc.) Assist customers with viruses and system vulnerabilities/threats Implement efficiencies and create strategies to better detect/respond to cyber incidents, alerts and detections Escalate detections/incidents/alerts to our customers through the ITSM/ITIL tools Qualifications 4+ years of experience with IT in a professional work environment 3+ years of experience with deployment, configuration, or maintenance to support Enterprise EDR Solutions, including CrowdStrike Falcon, Microsoft Defender, and/or Sentinel One Additional experience in Cisco Secure Endpoint and Sophos are pluses 3+ years of experience in EDR and/or AV; previous work in malware and attack analysis (is Plus), research, investigation, and response highly desirable 1+ years of experience with performing systems administration, including basic troubleshooting and installation, monitoring system performance or availability and performing security upgrades Knowledge of network security architecture concepts including topology, protocols, components, and principles Knowledge of various Enterprise Operating System (OS) configurations and management tools for use during deployment, configuration, and management of EDR solutions Additional Qualifications Good to have experience working in a Security Operations Center (SOC) environment including Incident Response, Vulnerability Scanning, Threat Hunting, Network Monitoring/Log Management, or Compliance Management Good to have experience with complimentary Enterprise Security Tools including Security Information & Event Management (SIEM), Threat Intelligence Platforms (TIPs), or Network Monitoring Tools Experience with triaging security events in a security operations center (SOC) environment, leveraging data collected from enterprise security solutions Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions Ability to integrate Cybersecurity data using enterprise or custom tools data aggregation and analysis tools, including Splunk and Elastic Benefits Opportunity to work in a progressive organization with structured training and roadmap for success Meals, Gym, Internet and other reimbursement programs Experience in one of the hottest IT industries today Proficio is an EOE employer. Proficio collects certain personal information upon your submission of an application for an open position. More information is available about your consumer rights and our privacy policy at Proficio privacy policy #J-18808-Ljbffr Proficio Inc