Relativity
Job Overview
As a Senior Cyber Security Engineer, you will play a crucial role in safeguarding Relativity's network and infrastructure. You will be tasked with investigating and analyzing emerging threats to our assets, identities, and clients. Your expertise will provide actionable remediation guidance to end users while collaborating with a team of skilled cyber experts to anticipate and mitigate evolving threats using advanced toolsets and next-generation capabilities.
Key Responsibilities:
Review, validate, and triage alerts while performing technical analysis of log data from a wide range of sensors, and leverage threat intelligence to enhance security posture.
Assess the impact of security events using host, cloud, and network-based indicators to escalate incidents effectively.
Develop and deploy detection and prevention signatures as part of a comprehensive defense strategy using diverse technologies.
Build automation for searching collected telemetry, detecting, and isolating advanced threats that bypass existing security measures.
Create standard operating procedures, security operation center (SOC) playbooks, configuration guides, and secure standards.
Automate incident handling processes to improve efficiency and effectiveness.
Engage in continuous research on emerging threats, applying appropriate countermeasures within a fast-paced environment.
Act as a subject matter expert regarding the mechanisms and analysis of observed malicious activities.
Document and communicate investigation findings clearly to both technical and executive stakeholders.
Identify opportunities to automate technical tasks to reduce manual workload.
Integrate, operate, and connect multiple cybersecurity tools and applications through automation.
Preferred Qualifications:
7+ years of experience on Security Operations Center, Incident Response, or Threat Detection teams focused on cloud applications and corporate networks.
Exposure to threat detection development and tuning.
Experience with software design and development.
DevSecOps experience.
Ability to perform threat hunting, emulation, and/or purple teaming exercises.
Familiarity with standard security devices and their configuration.
Experience in reverse engineering malicious code to understand infection propagation mechanisms.
Knowledge of threat intelligence tools and processes.
Certifications such as GCFA, GCIA, GCIH, GNFA, GREM, OSCP, CEH are preferred.
5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection roles.
Strong incident response skills, including network forensics, memory forensics, and packet analysis.
Ability to write and analyze scripts in PowerShell, C#, and Python.
Capability to independently manage and prioritize complex security events.
Advanced understanding of SOC/CIRT operational processes and documentation.
Deep knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks.
Ability to work collaboratively with global cross-functional teams to enhance Relativity's security posture.
Comprehensive understanding of infection mechanisms, malicious behavior, and mitigating controls.
Good awareness of tactics used by attackers to access sensitive systems and data.
Strong analytical and problem-solving abilities.
Proficient in utilizing programming and scripting languages to create automation and develop SOAR playbooks.
Relativity values competitive, fair, and equitable compensation practices.
This position offers a total compensation package including a competitive base salary, an annual performance bonus, and long-term incentives. The expected salary range for this role is between $150,000 and $226,000, based on various factors including depth of experience, skill set, qualifications, and internal pay equity. Hiring towards the upper end of the range is uncommon to allow for future salary growth opportunities.
Essential Skills:
Cybersecurity
Infrastructure Security
Network Security
Penetration Testing
Security Architecture Design
Security Audit
Security Information
Security Information and Event Management (SIEM)
Security Operations
Vulnerability Management