We're looking for a Security Engineer who's excited to work across the full security stack. You'll help us stand up and mature key capabilities, including Vulnerability Management, Endpoint Security, SIEM/SOAR, Application Security, Incident Response, GRC, and Network Security.
This is a hands-on role: you'll manage tools, build dashboards and automations, tune policies, and dive into investigations. If you're curious, collaborative, and love turning signal into action, we want to meet you.
The ideal candidate will have 2-4 years of working experience.
Vulnerability Management
- Operate and administer the vulnerability management platform (e.g. Tenable/Qualys/Rapid7).
- Build dashboards and recurring reports (trending, SLAs, risk-based prioritization).
- Partner with IT/Engineering to align patching cycles with findings and verify remediation.
Endpoint Security
- Deploy, monitor, and tune EDR on Windows, macOS, and Linux across physical and cloud-hosted workloads.
- Harden policies and create exceptions safely; investigate and resolve sensor/telemetry issues.
- Maintain coverage/health reporting and onboarding/offboarding procedures.
SIEM/SOAR
- Ensure all relevant log sources (cloud, identity, endpoint, network, application) are ingesting and parsing correctly.
- Write detections/queries and build SOAR playbooks to enrich alerts, automate triage, and reduce MTTR.
- Create runbooks for repeatable investigations.
App Security
- Help run SAST/DAST pipelines; support developers in shift-left practices.
- Scan containers/images and third-party packages from npm, pip, and Homebrew; manage findings in the backlog.
- Contribute to secure SDLC guidance and threat modeling for new features.
Incident Response
- Act as an escalation partner to our managed SOC; assist with scoping, containment, eradication, and recovery.
- Preserve evidence, draft timelines, and document post-incident follow-ups.
Network Security
- Apply Zero Trust principles in policy design and access tooling.
- Support DNS/DHCP hygiene and network segmentation efforts across cloud and campus.
Cloud (Azure)
- Support logs/detections and guardrails in Azure (e.g. Microsoft Sentinel/Defender, Azure AD/Entra, Azure Policy).
- Help design least-privilege access, workload protections, and secure configurations.
Must Haves
- 2-3 years in security/IT/DevOps or equivalent projects/certs.
- Solid fundamentals: OS internals (Windows/Linux/macOS), networking (TCP/IP, DNS, DHCP), identity, and cloud.
- Familiarity with two or more of: EDR, SIEM, SOAR, SAST/DAST, CNAPP, CSPM, Incident Response, GRC, or vulnerability management.
- Comfort building queries/dashboards and writing clear documentation.
Nice to Have
- Azure experience
- IaC experience (Terraform and Ansible)
- Experience with tools like: SentinelOne/CrowdStrike/Microsoft Defender for Endpoint; Tenable/Qualys/Rapid7; Microsoft Sentinel/Splunk; Logic Apps/Tines; CodeQL/Semgrep/OWASP ZAP; Trivy/Grype; GitHub/GitHub AS.
- Certifications such as Security+, CySA+, SC-200, AZ-500, or GSEC.
- Understanding of security frameworks like NIST 800-53 r5 and CIS