Security Engineer

LRQA


Job Location: Athens - Greece

Monthly Salary: Not Disclosed
Posted on: Yesterday
Vacancies: 1 Vacancy

Job Summary

Job ID: 43003
Location: Greece: Athens
Position Category: Information Technology
Position Type: Employee Regular

LRQA is an award-winning provider of Cyber Security Assurance, Incident Response and Managed Security Services to organisations across the world. Due to continued expansion, we are seeking a Security Engineer to support LRQA in continuing to be a renowned, market-leading provider of Managed Security and Support Services.

Role Purpose

The purpose of this role is to ensure the efficient, error-free performance of the SOC Platform. You will take a supporting role in ensuring the continuous monitoring of customer environments via both SIEM and SOC Monitor infrastructure.

Working as a Security Engineer within our DSS team, you will use your expertise to facilitate the detection of and response to a multitude of threats of differing capability and sophistication. You will use, administer and maintain our SIEM, EDR, SOAR, bespoke tooling and Threat Intelligence solutions to enable the triage of suspicious events and to provide context and assessment of risk/threat to our customers.

You will develop technical solutions to improve the operational capability of the Platform and to support the wider SOC Monitor team.

You will also get involved in projects that maintain and enhance the capability of our services and ensure we are providing innovative detection & response services to our clients. This includes threat hunting, supporting the implementation of new cutting-edge technology, malware analysis, recommending detections and getting involved in strategic cross-team projects as part of your wider role within our award-winning Security Operations Centre.

Key Role Responsibilities

  • Monitor and maintain the technology stack, creating and tuning alerts where necessary.
  • Support the implementation of any required upgrades to the Security Engineering technology stack.
  • Ensure each customer's operational health is maintained and respond to all requests within agreed SLAs.
  • Participate in knowledge transfer sessions with the wider team.
  • Develop automation solutions that improve detections and increase team efficiency.
  • Assist in customer onboarding activities where necessary.
  • Work with our Threat Detection team to develop solutions to improve detections and operational capability.
  • Maintain an awareness of the latest Defensive Monitoring technologies and trends.
  • Maintain an up-to-date understanding of current threats and trends in Cyber Crime and apply this information as part of your daily duties when creating custom use cases and altering the SOC Monitor infrastructure.
  • Assist both Infrastructure Support and Network Operations in a wide range of duties, ranging from security best practice recommendations through to analysing suspicious activity on infrastructure devices.
  • Liaise with Account and Client Service Managers across the business and assist with the presentation of SOC Monitor technology demonstrations to both current and prospective customers.
  • Maintain regular written and verbal communication with customers, suppliers and internally as required.

Role Requirements

  • Demonstrable hands-on experience with Microsoft Sentinel and Microsoft Defender (Defender for Endpoint, Defender for Identity, Defender for Cloud Apps), including deployment, configuration and day-to-day operational management within an enterprise environment.
  • Strong background in SIEM, SOAR and EDR/EPP technologies, with a particular focus on delivering detection, investigation and response capabilities.
  • Proven ability to operate within a complex, high-performing service management enterprise environment, using Microsoft's security tools to enhance visibility, resilience and incident response effectiveness.
  • Demonstrable experience in conducting security investigations using large datasets, with knowledge of Kusto Query Language (KQL) to develop custom Sentinel queries and analytics rules.
  • Skilled in building and maintaining automation solutions and integrations using Python, PowerShell and RegEx, enabling improved detection, response and operational efficiency within Microsoft Sentinel and Defender environments.
  • Knowledge of enterprise IT infrastructure, including Windows and Linux operating systems, networking and third-party security tools, and how these integrate with the Microsoft security ecosystem.
  • Strong capability in analysing complex security data within Sentinel and Defender portals, identifying patterns, prioritizing threats and presenting actionable recommendations as part of continuous service improvement initiatives.
  • In-depth understanding of attack vectors, MITRE ATT&CK framework and adversary behaviours, with the ability to distinguish between normal and abnormal activity using Microsoft security insights.
  • Excellent communication skills, with experience in customer-facing roles and the ability to clearly convey technical findings and security risk to both technical and non-technical stakeholders using Microsoft dashboards and reporting tools.

Desirable Qualifications

  • Microsoft certifications such as AZ-500, SC-300, SC-200, SC-100
  • CrowdStrike certifications such as CCFA
  • LogRhythm experience

Pre-Employment Checks

If you are successful in securing a role with us, you will be subject to pre-employment checks depending on the legal requirements and practices in your country of employment.

If eligible, these checks will include right to work, identification, verification of employment history, education and criminal records, where permitted by local law.

All checks will be conducted in accordance with applicable privacy and data protection regulations.

We will involve a third-party supplier to run the background checks as needed, and your data will be retained for a period as needed for the recruitment purpose.

To the extent permitted by the applicable local law, your data may be stored outside of your country of employment, dependent on our operational structure.

Your application for this role will constitute your consent to this paragraph.

Diversity and Inclusion at LRQA:

We are on a mission to be the place where we all want to work, and we are passionate about embracing different perspectives because we understand the value this brings to our business, our clients and each other. We are all about creating a safer and more sustainable future, and our inclusive culture is right at the heart of our business.

Together, our employees make our communities better and we want you to be part of our diverse team!

LRQA is a leading global assurance integrity and expertise we bring to our partnership with clients support their journey to a safer more secure and more sustainable future. (Group entities).

Copyright LRQA 2021. All rights reserved.

Key Skills

  • Splunk
  • IDS
  • Network security
  • Computer Networking
  • Identity & Access Management
  • PKI
  • PCI
  • NIST Standards
  • Security System Experience
  • Information Security
  • Encryption
  • SIEM

About Company

We help businesses evolve by connecting them with tomorrow’s thinking, today.
