SOC Security Engineer

Armis • Full-time • Remote (Toronto, ON, CA) • 23h ago

Armis, the cyber exposure management & security company, protects the entire attack surface and manages an organization's cyber risk exposure in real time. In a rapidly evolving, perimeter-less world, Armis ensures that organizations continuously see, protect and manage all critical assets - from the ground to the cloud. Armis secures Fortune 100, 200 and 500 companies as well as national governments, state and local entities to help keep critical infrastructure, economies and society stay safe and secure 24/7.

Armis is a privately held company headquartered in California.

Location: This is a remote position and we are considering candidates from Toronto, CA.

The SOC Security Engineer is an integral part of our services organization providing expert knowledge in security best practices, security controls and advanced analysis to our customers. Knowledge in creation of detections, security engineering and DevSecOps into production.This team member will be critical for protecting clients from emerging threats.

Responsibilities:

Configure tools and detect patterns/outliers within client environments matching tactics, techniques or procedures (TTPs) of known threat actors, malware or other unusual or suspicious behaviors.
Monitor security tools in multiple client environments and ensure out detection / prevention are working operationally.
Contribute to executive summary reports and on the delivery of detection / preventions for customers.
Design, develop and manage the DevSecOps process for the emerging threats.
Provide cross-functional support of this DevSecOps process,
Work with the greater threat team to ensure delivery of a quality service.
Operate as subject matter expert (SME) point of contact for clients during business hours.
Ownership of the DevSecOps Documentation and Training.

Qualifications:

Bachelor's Degree in Cybersecurity related field preferred
2+ years of Cybersecurity experience
Significant experience using one SIEM platform i.e. Splunk / Elastic Search
Must have experience with IDS/ IPS one or more of: i.e. Snort, Suricata, Zeek
1+ years experience with Python with Git
Advanced knowledge of log analysis, PCAP analysis, traffic flow analysis and experience with associated infrastructure and systems to aid in the identification of malware or other malicious behavior.
Demonstrated or advanced experience with computer networking systems.
Experience with operational security, including security operations center (SOC), incident response, evidence assessments, malware analysis, or IDS and IPS analysis.
Knowledge of networking protocols and infrastructure designs; including routing, firewall functionality, host and network intrusion detection systems, encryption, load balancing, and other network protocols.
Knowledge of TTPs involved in current APT threats and exploits involving various operating systems, applications and protocols, including working knowledge of the Cyber Kill Chain and MITRE ATT&CK Matrix.
Excellent written and verbal communication skills, analytical ability, and the ability to work effectively with peers.
Ability to both support partner meetings and projects.
Desire to learn how to apply machine learning to cybersecurity problems is a plus.
Experience with DevSecOps

The choices you make in your career journey matter. You want to do interesting work in an important field while also having time to live your life, which is why we place so much value in your life-work balance. Armis sets you up for success with comprehensive health benefits, discretionary time off, paid holidays including monthly me days, and a highly inclusive and diverse workplace. Put your unique experiences and perspective to work in an environment where they will enable you to thrive, grow, and live your life with integrity.

Armis is proud to be an equal opportunity employer. We never discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, age, disability, veteran status, genetic information, marital status or any other legally protected (or not) status. In compliance with federal law, all persons hired will be required to submit satisfactory proof of identity and legal authorization.

Please click here to review our privacy practices.