Principal Google SecOps Engineer | Remote, USA

This position will be fully remote and can be hired anywhere in the continental U.S. 

This Principal Google SecOps Engineer will be dedicated to onboarding and maintaining Google SecOps environments, in support of Optiv AFC clients.  

The Principal Google SecOps Engineer works in Optiv Security’s 24x7x365 Security Operations Center as a member of the Advanced Fusion Center (AFC) team. The Principal Engineer will be responsible for creation of procedures, implementation of processes and solutions across internal and client environments.  Experience with SIEM/SOAR or MDR products is necessary. The Principal Engineer will work closely with other Engineers, Senior Engineers, Solution Architects, and clients to complete high profile, critical services to existing AFC clients.

How you'll make an impact 

• Serve as a primary responder for AFC customer systems, taking ownership of client configuration issues and tracking through resolution.  

• Act as a point of escalation for junior level Engineers and provide guidance and mentoring.  

• Advise best practice on SIEM/MDR/SOAR products to both technical and relatively non-technical personnel.  

• Provide remote consulting services via interactive client sessions to assist with implementation of multiple product vendors and technologies.  

• Implement and configure SIEM/MDR/SOAR software and appliance-based products in large enterprise and Government environments.  

• Develop and maintain security content and reporting.  

• Perform knowledge transfers to clients regarding security and system configuration awareness.  

What we're hiring for  

• 7-10 years professional experience maintaining SIEM or infrastructure systems in the Information Security field.  

• Minimum 3 years hands-on experience in Google SecOps environment.

• College degree or equivalent training with experience working in a Security Operations Center, Managed Security, or client network environment.  

• Understanding of network architecture and implementation is a must; ideal candidate will have worked with network security analysis.  

• Excellent time management, reporting, and communication skills.  

• Superior IT problem-solving skills.  

• Experience with SIEM content and reporting.  

• Experience working with Linux OS.  

• Experience writing/developing scripts (e.g. python, bash, ruby, powershell) 

• Experience working with Internal and client Ticketing and Knowledge Base Systems for Incident and Problem tracking as well as procedures. (i.e. Jira, Confluence, etc.).  

• Experience with various SIEM security products such as: Exabeam, Chronicle, Sentinel, LogRhythm, QRadar, Splunk, and infrastructure components such as proxies, firewalls, IDS/IPS, DLP etc.  

• General security knowledge (GIAC, CISSP, CCSE, CISA, HBSS, NSA, CEH, Cisco Security, Security +, or other security certifications).  

• Knowledge of Linux and Windows Operating Systems.  

• An understanding of a wide array of server grade applications such as: DBMS, Exchange, DNS, SMTP, IIS, Apache, SharePoint, Active Directory, Identity Management, Patch Management, LDAP, SQL, and others.  

• Training and experience in one or more non-SIEM network security products to include: Enterprise endpoint security products, Network components such as Firewalls and Proxies to include Palo Alto / Checkpoint / Juniper / McAfee / Cisco / Blue Coat / Imperva or other similar network security products.  

• CCNA, CCDA, CCSA, CCIE, CISSP, CEH, or MCSE.  

• Familiarity with DevOps  

• Professional experience working with networks and network architecture.  

• Ability to participate in on-call support  

• Demonstrated experience and success in a Managed Service client environment  

• Ability to work greater than 40 hours per week as needed