Security Operations Engineer

Location: Dallas, TX

The Position:

The role of Security Operations Detection Engineer reports directly to the lead of Security Operations and is part of the office of the CISO. This role is accountable for the architecture, engineering, and automation of in-house security platforms, including the Microsoft Sentinel SIEM and associated SOAR tooling. The ideal candidate will have deep technical expertise in the Microsoft security stack and demonstrated excellence in the development of security automation across domains such as alert triage and response, as well as other security processes such as patch and vulnerability management. They will also work extensively with various IT teams to define appropriate log ingestion, data enrichment, alerting, and response actions via the SIEM/SOAR platform, and will support the Security Operations Center (SOC) with advanced SIEM queries and analytic alerts.

Responsibilities:
- Identification and deployment of new detections or automations within the NorthMark Strategies SIEM/SOAR platform.
- Drive creation and implementation of SIEM content (e.g. rules, alerts, dashboards, etc.).
- Ensure better analytics via the SIEM by improving the signal-to-noise ratio of SIEM content. Conduct regular assessments and tuning of Sentinel configurations to reduce false positives and enhance detection capabilities.
- Design and implementation of automation for alert enrichment, closure of common detections, and response actions.
- Benchmarking of existing detections and development of a roadmap for expansion of coverage.
- Continuous testing of the SIEM/SOAR platform to identify and remediate gaps in detection and prevention coverage.
- Integration with the external SOC provider to optimize the partnership and improve detection and response capabilities.
- Consolidation of data sources across many Microsoft tenants, systems, and companies into a single source, enabling consolidated Security Operations procedures.
- Partnering with various IT organizations to design and implement security monitoring across all core business applications.
- Maintenance of all Security Operations tooling to ensure high availability of all log sources.
- Partnering with Security Analysts to enhance Security Operations procedures as well as incident response.
- Consolidation and automation of Security Operations metrics from various sources.
- Automation of incident response processes and workflows.
- Development of, and adherence to, SIEM engineering change control procedures and processes.
- Management of DLP tools and technologies, ensuring they are configured correctly and functioning optimally.
- Provide training and support to team members on SIEM functionality.
Requirements:
- Bachelor's degree in Computer Science, Information Security, or a related field.
- 3+ years in a security-related engineering role.
- 2+ years of SIEM/SOAR engineering experience.
- Deep technical understanding of Microsoft Sentinel, Log Analytics, Defender, and other Microsoft security tooling.
- Demonstrated excellence in the area of security automation.
- Proficiency with automation tooling (e.g. Terraform) and scripting languages (KQL, Python, PowerShell).
- Proficiency with Microsoft Power Apps, Azure Functions, Logic Apps, and other Microsoft automation tooling.
- Proficiency in API development with the goal of integrating security tooling.
- Familiarity with various methodologies for ingesting logs into a SIEM environment.
- Familiarity with automated development lifecycles and pipelines (DevOps).
- Familiarity with Cisco security tooling, including Meraki and Umbrella.
- Experience in multi-tenant or MSP-like environments is a plus.
- Possession of, or ability to obtain, professional certifications in information security or risk management, such as CISSP, CISM, CEH, or forensic certifications.
- Self-starter who demonstrates strong ownership of their domain and can benchmark the current state, propose improvements, and implement them with little supervision.
- Natural passion for security and a strong drive to automate common tasks.
About ApTask:

ApTask is a leading global provider of workforce solutions and talent acquisition services, dedicated to shaping the future of work. As an African American-owned and Veteran-certified company, ApTask offers a comprehensive suite of services, including staffing and recruitment solutions, managed services, IT consulting, and project management. With a focus on excellence, collaboration, and innovation, ApTask provides unparalleled opportunities for professional growth and development. As a member of the ApTask team, you will have the chance to connect businesses with top-tier professionals, optimize workforce performance, and drive success across diverse industries. Join us at ApTask and be part of our mission to empower organizations to thrive while fostering a diverse and inclusive work environment.

Applicants may be required to attend interviews in person or by video conference. In addition, candidates may be required to present their current state or government issued ID during each interview.

Candidate Data Collection Disclaimer:

At ApTask, we prioritize safeguarding your privacy. As part of our recruitment process, certain Personally Identifiable Information (PII) may be requested by our clients for verification and application purposes. Rest assured, we strictly adhere to confidentiality standards and comply with all relevant data protection laws. Please note that we only collect the necessary information as specified by each client and do not request sensitive details during the initial stages of recruitment. If you have any concerns or queries about your personal information, please feel free to contact our compliance team at [email protected].

Applicant Consent:

By submitting your application, you agree to ApTask's (www.aptask.com) Terms of Use and Privacy Policy, and provide your consent to receive SMS and voice call communications regarding employment opportunities that match your resume and qualifications. You understand that your personal information will be used solely for recruitment purposes and that you can withdraw your consent at any time by contacting us at 732-###-#### or [email protected]. Message frequency may vary. Msg & data rates may apply.