Jobs · Information Technology · Florida

Senior IT Cyber Security Engineer

Ashley Furniture Industries · Tampa, FL · 1 mo ago
On-siteInformation TechnologyFull-time

Core Responsibilities

  • Perform daily security case triage and queue management within a cloud-native SIEM platform, including noise reduction, false positive identification, and exception creation
  • Develop and maintain SOAR automation playbooks, including ongoing tuning and deduplication logic
  • Monitor and apply SIEM parser updates; review change logs and validate newly introduced data tags to ensure detection integrity
  • Standardize and maintain detection rule naming conventions and labeling across the SOC environment
  • Review, customize, and manage security playbooks pulled from integrated code repositories; validate code for security concerns prior to deployment
  • Build, maintain, and troubleshoot SOC dashboards and underlying queries; produce recurring operational reports for leadership
  • Track and report on playbook usage metrics, log ingestion volumes, and establish consumption baselines to support capacity planning
  • Perform ongoing exception tuning as the environment evolves, including malware, PUP, and endpoint alert validation using SentinelOne EDR/XDR platform data
  • Monitor and triage email-based threats using Abnormal Security; manage detection policies, investigate reported messages, and validate remediation actions
  • Monitor threat intelligence platforms and dark web monitoring tooling; maintain and update monitoring coverage to address emerging indicators
  • Investigate and respond to account compromise indicators, including anonymous sign-in attempts and credential-based threats; execute account remediation actions via enterprise identity management platforms
  • Manage log forwarder infrastructure, including replacement or migration projects in coordination with IT and vendor support teams
  • Coordinate with vendor professional services teams as needed to validate and advance SOC tooling initiatives
  • Design, implement, and continuously improve security controls across cloud and on-premises environments to reduce risk and strengthen the overall security posture
  • Work closely with engineering and infrastructure teams to embed security best practices into system design, platform deployments, and operational workflows
  • Evaluate and recommend security tooling, configurations, and architectural patterns in alignment with enterprise standards and risk tolerance
  • Support incident response investigations from initial triage through containment, eradication, and post-incident review
  • Contribute to the development, review, and maintenance of security policies, standards, and procedures
  • Support compliance efforts aligned to established frameworks including NIST CSF and PCI-DSS, including evidence collection, gap assessment, and control documentation

Required Skills & Qualifications

  • Strong hands-on experience with cloud-native SIEM and SOAR platforms (e.g., Google SecOps / Chronicle, Splunk, Microsoft Sentinel, or equivalent)
  • Experience with SentinelOne EDR/XDR for endpoint threat triage, malware validation, alert investigation, and response actions
  • Hands-on experience with Abnormal Security or equivalent AI-driven email security platforms for phishing triage, policy management, and threat remediation
  • Proficiency writing and optimizing regular expressions for alert tuning, exception logic, and parser development
  • Demonstrated experience with detection engineering and rule tuning methodologies in an enterprise SOC environment
  • PRACTICAL experience designing or implementing security controls across hybrid cloud and on-premises environments
  • Ability to collaborate effectively with engineering and infrastructure teams to integrate security requirements into technical projects
  • Familiarity with incident response processes and experience supporting investigations through the full response lifecycle
  • Familiarity with threat intelligence platforms (e.g., Recorded Future, ThreatConnect, or equivalent) and dark web monitoring practices
  • Working knowledge of Linux systems administration, including scripting (Bash, Python) and scheduled task management
  • Working knowledge of security frameworks such as NIST CSF and PCI-DSS and their application to enterprise security programs
  • Strong documentation habits and ability to develop and standardize repeatable operational processes

Similar jobs