Movate
Senior Security Engineer (Level 3)
We are seeking a highly skilled Senior Security Engineer (Level 3) to design, implement, and optimize our enterprise security controls. This role requires deep technical expertise in firewalls, endpoint detection & response (EDR), SIEM engineering, and email security platforms. The ideal candidate will act as a technical SME, lead advanced threat analysis, support incident response, and guide junior engineers.
Key Responsibilities
Firewall Engineering & Network Security
Architect, configure, and maintain enterprise firewalls (Palo Alto / Fortinet / Cisco / Check Point).
Create, review, and optimize security policies, NAT rules, segmentation, and zero-trust network zones.
Perform firewall upgrades, log analysis, policy audits, and change management.
Lead troubleshooting of advanced network security issues (L3/L4/L7).
Integrate firewall telemetry with SIEM and automation platforms.
Serve as SME for EDR platforms (CrowdStrike, SentinelOne, Microsoft Defender, Carbon Black, etc.).
Tune detection rules, behavioral analytics, and response playbooks.
Manage EDR deployments, health checks, version upgrades, and agent monitoring.
Analyze suspicious endpoint activity, malware behavior, lateral movement attempts, and persistence methods.
Collaborate with IR team for endpoint containment and forensic investigations.
Own SIEM platform engineering (Splunk / MS Sentinel / QRadar / Elastic).
Build and tune correlation rules, dashboards, parsers, and automated threat response workflows.
Onboard new log sources (firewalls, servers, EDR, cloud services, UBA, email gateways).
Conduct threat hunting using SIEM, UEBA, and network telemetry.
Improve detection coverage based on MITRE ATT&CK and past incidents.
Email Security & Messaging Protection
Implement DMARC, DKIM, SPF, anti-spam, anti-phishing, URL rewriting, and attachment sandboxing.
Investigate phishing campaigns, BEC attempts, malware attachments, and credential harvesting.
Tune policies to reduce false positives and increase threat visibility.
Act as L4 escalation for major incidents across endpoints, email, network, and cloud.
Perform deep-dive analysis including packet captures, log correlation, malware triage, and kill chain mapping.
Support threat hunting, threat intel integration, and adversary behavior analysis.
Security Architecture & Hardening
Recommend architecture improvements for network segmentation, endpoint hardening, and identity security.
Perform risk assessments, vulnerability reviews, and security control validation.
Lead technical evaluations for new security technologies and vendors.
Contribute to zero-trust architecture planning and implementation.
Automation, Integrations & Documentation
Use scripting (Python, PowerShell, Bash) to automate repetitive tasks and log parsing.
Integrate security tools with SOAR platforms.
Create runbooks, design documents, diagrams, and engineering-level documentation.
Mentor junior security engineers and provide L3 / L4 engineering guidance.
Required Qualifications
7–10+ years of experience in security engineering or SOC engineering.
Advanced experience with:
SIEM: Splunk / Sentinel / QRadar / Elastic
Email Security: Proofpoint / Mimecast / M365 Security
Strong understanding of TCP/IP, DNS, TLS, VPN, routing, switching, and network protocols.
Deep knowledge of threat detection, malware analysis fundamentals, and adversary TTPs.
Experience with MITRE ATT&CK, NIST, CIS Controls, and enterprise security frameworks.
Strong scripting knowledge (Python/PowerShell preferred).
Experience in cloud environments (AWS / Azure / GCP) preferred.
Preferred Certifications
CISSP
CCSP
Palo Alto PCNSE or equivalent
GIAC GCIA / GCIH / GCED / GCFA
Microsoft SC-200 / SC-300
CrowdStrike or SentinelOne certifications
Soft Skills
Strong analytical and problem‑solving mindset.
Ability to lead high‑severity incidents under pressure.
Excellent communication and documentation skills.
Ability to mentor and guide junior team members.
Seniority level
Associate
Employment type
Full‑time
Job function
Information Technology, Consulting, and Customer Service
Industries
IT Services and IT Consulting
IT System Operations and Maintenance
IT System Design Services