UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. The company is seeking an experienced Security Engineer with a strong technical background in administering, configuring, and maintaining enterprise cybersecurity tools and infrastructure.
Requirements
- Administer and maintain digital forensics platforms including FTK (Forensic Toolkit), Magnet AXIOM Cyber, FRED (Forensic Recovery of Evidence Device) systems, and related forensic investigation tools.
- Manage and configure Cortex XSOAR (Security Orchestration, Automation and Response) platform including playbook development, integration configuration, incident automation workflows, and custom script development to enhance security operations efficiency.
- Administer ExtraHop network detection and response (NDR) platform including sensor deployment, traffic analysis configuration, detection rule tuning, dashboard creation, and integration with SIEM and other security tools for comprehensive network visibility.
- Apply configuration changes across other security infrastructure platforms, ensuring changes are properly tested, documented, and implemented following change management procedures.
- Perform application-level patching and updates for security tools and platforms, coordinating maintenance windows, testing patches in non-production environments, and ensuring minimal disruption to security operations during update cycles.
- Assist in the deployment of new security systems and capabilities including requirements gathering, solution design, hardware/software installation, integration with existing infrastructure, testing, and knowledge transfer to operations teams.
- Monitor performance and health of security infrastructure using built-in monitoring tools, log analysis, and alerting mechanisms. Proactively identify and resolve performance bottlenecks, capacity issues, and potential system failures.
- Provide technical support to security analysts and incident responders who use the security tools: troubleshooting tool-related issues, optimizing queries and workflows, and delivering training on tool capabilities and best practices.
- Develop and maintain comprehensive technical documentation including standard operating procedures (SOPs), runbooks, configuration guides, architecture diagrams, troubleshooting guides, and system inventory records for all security infrastructure.
- Manage integrations between security tools and platforms using APIs, webhooks, and connectors to enable data sharing, automated workflows, and unified security operations. Troubleshoot integration issues and optimize data flows.
- Administer SIEM (Security Information and Event Management) platforms such as Splunk or similar tools including log source onboarding, parsing rule creation, correlation rule development, dashboard creation, and search optimization.
- Maintain and update forensic workstations (FRED systems) including hardware maintenance, software updates, and peripheral device management, and ensure write-blockers and forensic acquisition tools are properly calibrated and functioning.
Benefits
- 401(k) including an employer match
- Medical, Dental, and Vision insurance
- Group Term Life, Short-Term Disability, and Long-Term Disability
- Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness
- Participation in the Discretionary Time Off (DTO) Program
- 11 Paid Holidays Annually