Security Engineer - Threat Detection & Disruption

About the Role: Fragomen, an AmLaw 100 Firm and the leading global immigration services provider, is seeking a Cyber Security Engineer with strong operational and analytical experience in Threat Detection & Disruption to join our talented IS & Cyber Security team..

Our industry-leading, immigration specific technology and infrastructure is undergoing tremendous transformation and security is on the critical path to success in that endeavor. We seek a professional who is passionate about security, capable of effecting change, and eager to advance threat detection and response capabilities using traditional and emerging technologies. You will be joining a team of Cyber Security Engineers who make security a distinguishing factor in our technological offerings. The successful candidate will help engineer solutions to focus our defensive and response efforts throughout our environment.

How will you make a difference as a Security Engineer - Threat Detection and Disruption at Fragomen?

• Refine, validate and exercise our Threat Detection and Disruption program.
• Develop detection techniques to protect our evolving environment and technical offerings.
• Architect, deploy and maintain our network and endpoint detection tools to reduce our time to alert, triage and mitigation from potential threats.
• Deploy, mature and maintain our future logging tier, security event incident management (SIEM) system and alert, triage and response pipeline.
• Lead in the evolution of our protection, detection and mitigation capabilities based on experience, evolving threat environment and findings from cyber security incidents.
• Participate in a cross-functional response to cyber security incidents.
• Develop and maintain strong relationships with key partners to create our detection and threat disruption program.
• Participate in threat hunting efforts.

Leverage your valuable skills and experience to make an impact at Fragomen:

• 2 - 5 years or more years of practical Threat Detection and Disruption experience.
• A passionate team player who builds knowledge and solves complex problems.
• Demonstrated knowledge of detection tools with the ability to write signatures (Snort, Suricata, Yara, etc.).
• Proficiency in a modern high-level language (Python, Ruby, Node, Go, etc.).
• Experience in establishing and maintaining a SIEM (Splunk, ArcSight, QRadar, ELK, etc.).
• Proven experience in developing intrusion detection techniques and operational responses.
• Experience in architecting and deploying logging technology (Syslog, Logstash, etc.).
• Strong, professional communication skills that maintain under pressure.
• A Bachelor’s degree in a related field or a combination of related experience.
• Experience in developing highly automated detection and triage tools.
• Knowledge of detection, forensic, security event and incident management, and orchestration tools.
• The following are preferred but not required: Technical certifications that demonstrate technical prowess in DFIR to include GIAC (GCIH, GCFA, GCIA), Offensive Security (OSCP, OSCE, OSEE), and/or Vendor specific (Splunk, QRadar, ELK, etc.).

Benefits:

At Fragomen, we know that great people make a great organization. We value our people and offer employees a broad range of benefits which includes:

• Paid Time Off + Holidays
• Private Medical Insurance
• And other financial benefits which we encourage you to ask us about!

Learn More About Fragomen:

Please take time to read About Us, explore the Meaningful and Impactful Work we do for our clients, and review the standard Benefits we offer. You can find all the material to the right of this page.