Texas Stock Exchange | TXSE Group Inc
Security Engineer – Texas Stock Exchange | TXSE Group Inc
We’re looking for a Security Engineer who’s excited to work across the full security stack. You'll help us stand up and mature key capabilities—including Vulnerability Management, Endpoint Security, SIEM/SOAR, Application Security, Incident Response, GRC, and Network Security.
This is a hands‑on role: you’ll manage tools, build dashboards and automations, tune policies, and dive into investigations. If you’re curious, collaborative, and love turning signal into action, we want to meet you.
The ideal candidate will have 2-4 years of working experience.
Key Responsibilities
Vulnerability Management
Operate and administer the vulnerability management platform (e.g., Tenable/Qualys/Rapid7)
Build dashboards and recurring reports (trending, SLAs, risk‑based prioritization)
Partner with IT/Engineering to align patching cycles with findings and verify remediation
Endpoint Security
Deploy, monitor, and tune EDR on Windows, macOS, and Linux across physical and cloud‑hosted workloads
Harden policies and create exceptions safely; investigate and resolve sensor/telemetry issues
Maintain coverage/health reporting and onboarding/offboarding procedures
SIEM/SOAR
Ensure all relevant log sources (cloud, identity, endpoint, network, application) are ingesting and parsing correctly
Write detections/queries and build SOAR playbooks to enrich alerts, automate triage, and reduce MTTR
Create runbooks for repeatable investigations
Application Security
Help run SAST/DAST pipelines; support developers in “shift‑left” practices
Scan containers/images and third‑party packages from npm, pip, and Homebrew; manage findings in backlog
Contribute to secure SDLC guidance and threat modeling for new features
Incident Response
Act as an escalation partner to our managed SOC; assist with scoping, containment, eradication, and recovery
Preserve evidence, draft timelines, and document post‑incident follow‑ups
Network Security
Apply Zero Trust principles in policy design and access tooling
Support DNS/DHCP hygiene and network segmentation efforts across cloud and campus
Cloud (Azure)
Support logs/detections and guardrails in Azure (e.g., Microsoft Sentinel/Defender, Azure AD/Entra, Policy)
Help design least‑privilege access, workload protections, and secure configurations
Must Haves
2–3 years in security/IT/DevOps or equivalent projects/certs
Solid fundamentals: OS internals (Windows/Linux/macOS), networking (TCP/IP, DNS, DHCP), identity, and cloud
Familiarity with two or more: EDR, SIEM, SOAR, SAST/DAST, CNAPP, CSPM, Incident Response, GRC, or vulnerability management
Comfort building queries/dashboards and writing clear documentation
Nice to Have
Azure experience
IaC experience – Terraform and Ansible
Experience with tools like SentinelOne/CrowdStrike/Microsoft Defender for Endpoint; Tenable/Qualys/Rapid7; Microsoft Sentinel/Splunk; Logic Apps/Tines; CodeQL/Semgrep/OWASP ZAP; Trivy/Grype; GitHub/GitHub Actions
Certifications such as Security+, CySA+, SC‑200, AZ‑500, or GSEC
Understanding of security frameworks such as NIST SP 800-53 Rev. 5 and the CIS Controls/Benchmarks