Senior Platform Engineer
The Company
Every day, NuHarbor Security improves the cybersecurity of our clients. Our managed security services are always watching over them, ensuring their systems are configured correctly and alerting them when real security events occur, while our penetration testing and information assurance teams provide security insight and recommendations to improve protections and shared response activities. We’re growing quickly because our clients, and the general market, are looking for more comprehensive assistance with their security strategy than product vendors or traditional service providers can offer.
The Role
The Senior Platform Engineer leverages deep engineering and automation experience to operate and improve the cybersecurity services NuHarbor delivers to its clients. This is a senior position within the Platform Engineering team, a multi-disciplinary group of engineers leading the design, architecture, implementation, optimization, and operation of NuHarbor’s cybersecurity services portfolio. The Senior Platform Engineer prioritizes client value, modern DevSecOps engineering practices, and ubiquitous automation while driving service improvement and efficiency across our Detection Engineering, Threat Intelligence, SIEM operations, CrowdStrike MDR, and other service areas.
What you’ll do
- Live by the NuHarbor corporate values: Protect the House, Help Clients Win, Always Improve
- Implement and support features, custom tooling, and automation, following an agile development process, as a member of the Platform Engineering group, optimizing service delivery with technology.
- Operate and maintain custom tooling, including CI/CD pipelines, to iterate configuration in client environments reliably and consistently, driven through a GitOps workflow.
- Deploy and administer commercial, open source, and internally developed software in public cloud environments using infrastructure-as-code and continuous delivery pipelines.
- Provide guidance and mentorship to technical staff members, from all teams, clearing a path to excellence with enthusiasm and confidence.
- Define strategies for turning security signals into detections, generating alerts optimized for automation, and when necessary, presentation to analysts who investigate and take necessary actions.
- Play a supporting role in executing our detection and automation strategy, providing contextual data to make alerts binary, analysis more efficient, and defenses more effective for our clients.
- Provide guidance and mentorship to Security Operations Engineers and Analysts on using custom tooling and following DevOps and security best practices.
- Continuously collect and analyze telemetry from deployed technologies and tune them for signal and quality.
Your foundation. The requirements for this role:
- 6+ years of professional experience in system administration, engineering, or cybersecurity operations and a Bachelor's degree in Information Technology, Computer Science, Information Systems, or a related field.
- In lieu of a degree, two (2+) years of experience in a related technology field.
- Four (4+) years’ experience in Python or other common scripting languages used in security technology integration.
- Knowledge and expertise in key SIEM techniques and technologies such as Splunk, Splunk Enterprise Security (ES), or Microsoft Sentinel.
- Experience working with “infrastructure-as-code”, following DevOps practices, building and maintaining CI/CD tooling.
- Strong Linux and Windows proficiency.
- Strong understanding of security concepts and operations.
- Experience in engineering event detection & response tuning.
- A strong aptitude and a “can-do” attitude, with a willingness to teach other crew members how to best generate appropriate alerts for handling by SOC teams.
- Up to date with engineering best practices, security technology trends, tools, and frameworks
- Experience operating and debugging “serverless” software systems in AWS, tracing code problems and performing root cause analysis.
- Experience in Python or other common scripting languages used in security technology integration.
- Expert experience communicating complex detection engineering concepts to audiences of varied technical understanding, including business stakeholders, sales, engineering teams, and customers.
- Must be a citizen of the United States.
Additional capabilities that will differentiate you for this role:
- Experience working in an Agile development process.
- Object-Oriented Programming, Data validation.
- Four (4+) years’ experience with a query language such as Splunk Search Processing Language (SPL) or Kusto Query Language (KQL).
- Experience automating software and system administration with Ansible.
- Knowledge of MITRE ATT&CK framework and general adversarial / defensive security techniques.
- Experience in Security Operations Center (SOC) content development and automation implementations.
- Familiarity with the NIST Cyber Security Framework (CSF), common security controls and their purposes, and technologies that supply those controls.
- Preferred location is at our HQ in Colchester, VT; open to Hybrid/Remote
The Rewards
What you can expect:
- The engagement and support of company leadership who recognize the challenge of marketing a complex cybersecurity service in a chaotic market
- An organization that recognizes and rewards employee commitment and contribution to our customers’ satisfaction and success
- Growth in your career and capabilities as you help to chart a path to improving customer interactivity and service adoption
- A collaborative and driven working environment in a rapidly growing company and market
- A fun and social working environment where you are encouraged to be your true self
You can also expect competitive salary and benefits, including paid time to give back in your community and generous PTO.
We are purpose driven. We, as an organization, above anything else protect the house first and then help our customers win. If this sounds like the kind of organization you’d like to be a part of, we’d like to hear from you.
AAP/EEO Statement
The Equal Employment Opportunity Policy of NuHarbor Security is to provide a fair and equal employment opportunity for all associates and job applicants regardless of race, color, religion, national origin, gender, sexual orientation, age, marital status or disability. NuHarbor Security hires and promotes individuals solely based on their qualifications for the job to be filled.
NuHarbor Security believes that employees should be provided with a working environment which enables each associate to be productive and to work to the best of his or her ability. We do not condone or tolerate an atmosphere of intimidation or harassment based on race, color, religion, national origin, gender, sexual orientation, age, marital status, or disability. We expect and require the cooperation of all employees in maintaining a discrimination and harassment-free atmosphere.
What We Do
NuHarbor Security is a leading national cybersecurity services firm, supporting the diverse needs of hundreds of clients with clear, comprehensive, and outcome-based solutions. We support only best-of-breed security technologies with thoroughly trained and vetted analysts. We make cybersecurity easier for our clients by integrating the most comprehensive set of security services in the market, from compliance and offensive testing to award-winning 24×7 managed security operations. What’s more, NuHarbor advisors analyze information from multiple sources to deliver the most well-informed strategies for building, improving, and maintaining your cybersecurity program. NuHarbor makes it easy to secure what matters most to you.