Security Engineer

About Us

Steel Root is a cybersecurity services company that specializes in compliance for the U.S. Defense Industrial Base. We’re a startup in high demand, looking for a Security Engineer to help develop and scale our cybersecurity services practice. We’re passionate about contributing daily to our positive culture, with a commitment to professional development and social responsibility. Steel Root serves a national client base from its headquarters in Salem, MA.

Job Description

The Security Engineer is responsible for managing and monitoring security operations tools, platforms, and processes to support our cybersecurity services practice. The ideal candidate is a hands-on cybersecurity professional who is passionate about best practices and has experience developing processes for security operations.

Responsibilities include:

  • Develop and maintain standard operating procedures and response playbooks
  • Ongoing review of endpoint detection and response (EDR) systems, SIEM dashboards, and other security platforms
  • Lead the triage and investigative process for cybersecurity incidents, summarizing events and incidents effectively to customer stakeholders (technical and non-technical)
  • Conduct vulnerability assessments of customer systems and environments
  • This is a “9 to 5” type position with no on-call requirement, but evening and weekend hours expected during critical incidents, which are infrequent but do happen from time to time

Relevant Tools

  • CrowdStrike Falcon
  • SIEM (Azure Sentinel or ELK stack)
  • Zscaler
  • Endpoint security tools including application control, host-based firewall, patch management

About You

You’re an experienced analyst or systems engineer ready for the challenge of building repeatable security operations processes to help mature our managed security practice. You’re skilled at configuring and monitoring security platforms, and likely have strong feelings about zero trust, SecOps, and cloud-first as a security strategy. You know that you could do a better job than many of the MSSPs out there.

Requirements

  • US citizenship
  • 4+ years of progressive experience in the IT field
  • 2+ years of hands-on experience as a SOC analyst, threat hunt, or similar role
  • Strong analytical skills and written/verbal communication skills with the ability to present complex technical information in a clear and concise manner to a variety of audiences
  • Experience configuring and managing cybersecurity technologies like SIEM, endpoint detection and response, IPS/IDS, vulnerability management software, identity and access management, and/or CASB solutions
  • Solid grasp of networking concepts and technologies, security incident handling best practices, and a basic understanding of forensics techniques
  • Experience mitigating threat vectors including malware and advanced persistent threats (APTs)

Desired Characteristics

  • Experience building out new SOC or IR capabilities
  • Familiarity with security frameworks and standards such as CMMC, NIST 800-171, NIST CSF, CIS Controls, or MITRE ATT&CK / D3FEND
  • Knowledge of security-relevant Microsoft cloud services (Sentinel, MCAS, Intune, Azure AD, PIM/PAM, Security and Compliance Center)
  • Professional certifications such as CISSP, CEH, SANS GIAC, and Microsoft, Linux, networking, or related certifications

Perks

  • Competitive benefits package, including health, dental, 401(k), professional development, and cell phone stipend
  • Team Human work culture
  • Our customers make lasers and launch things into space
  • Work with wicked smaht teammates and hone your skills in one of the hottest niches in the cybersecurity market
  • Play with cool tech, work with customers that love us, and get in on the ground floor of a startup in growth mode

How to Apply

  1.   Get to know us by reading about our services and the industries we serve, and follow us on social media (links in website footer, below).
  2.   Then send your resume with cover letter to jobs@steelroot.us. Every application is reviewed by a real human being.

Committed to Diversity

Steel Root is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law.

This is a general description of the duties, responsibilities and qualifications required for this position. Physical, mental, sensory, or environmental demands may be referenced in an attempt to communicate the manner in which this position traditionally is performed. Whenever necessary to provide individuals with disabilities an equal employment opportunity, Steel Root will consider reasonable accommodations that might involve varying job requirements and/or changing the way this job is performed, provided that such accommodations do not pose an undue hardship.