[Remote] Senior - Security Engineer, Information Security (51372)

Remote role Full-time Open position

Note: This is a remote job open to candidates in the USA. Citrin Cooperman offers a dynamic work environment, fostering professional growth and collaboration. They are seeking a Senior Security Engineer to join their Information Security team, responsible for protecting digital assets through the management of security technologies and leading incident response efforts.

Responsibilities

  • Deploy and manage EDR solutions across enterprise endpoints including workstations, servers, and mobile devices
  • Configure detection rules and automated response actions to identify malware, suspicious behaviors, and advanced persistent threats
  • Conduct proactive threat hunting to identify compromised systems and hidden threats
  • Maintain agent deployment coverage and optimize EDR performance across all critical assets
  • Administer SIEM platform including log source onboarding, parsing, and correlation rule development
  • Design use cases and correlation rules to detect security incidents and policy violations
  • Monitor and triage security alerts to determine severity, scope, and impact
  • Create dashboards and reports for security metrics, compliance, and executive visibility
  • Integrate threat intelligence feeds to enhance detection capabilities
  • Serve as escalation point for security incidents following established procedures
  • Perform digital forensics and investigation including log analysis, memory analysis, and disk forensics
  • Coordinate incident response across IT, legal, HR, and executive stakeholders
  • Document incidents thoroughly, including timelines, indicators of compromise, and remediation actions
  • Develop and maintain incident response playbooks for common attack scenarios
  • Participate in tabletop exercises and conduct post-incident reviews to improve security posture
  • Establish and maintain a continuous vulnerability management program
  • Deploy and manage vulnerability scanning tools across network, systems, applications, and cloud infrastructure
  • Analyze vulnerability scan results and prioritize remediation based on risk, exploitability, and business impact
  • Work with system owners and IT teams to develop remediation plans and track vulnerability closure
  • Monitor threat intelligence sources for emerging threats, exploit activity, and vulnerabilities affecting the organization
  • Conduct risk assessments for newly discovered vulnerabilities and provide guidance on compensating controls
  • Generate vulnerability metrics and reports for management and compliance purposes
  • Integrate vulnerability data with SIEM and EDR for enhanced threat correlation
  • Perform penetration testing coordination and validate remediation effectiveness
  • Maintain vulnerability management policies, procedures, and SLAs
  • Participate in 24/7/365 security operations center (SOC) rotation (if applicable) or on-call rotation
  • Collaborate with IT operations, development, and business teams on security initiatives
  • Mentor junior security analysts and share knowledge across the security team
  • Stay current with emerging threats, attack techniques, and security technologies
  • Contribute to security awareness training programs by providing real-world incident examples
  • Manage email security gateway solutions to detect and block malicious emails, phishing attempts, and spam
  • Investigate and respond to reported phishing emails and business email compromise (BEC) attempts
  • Analyze email-based threats and implement rules to block malicious senders, domains, and attachment types
  • Monitor email security metrics and trends to identify emerging attack patterns
  • Work with the human security awareness team to shape awareness campaigns and phishing simulations to improve user vigilance
  • Implement and manage DLP solutions across email, endpoints, network, and cloud applications
  • Create and tune DLP policies to prevent unauthorized data exfiltration while minimizing false positives
  • Monitor DLP alerts and investigate potential data leakage incidents
  • Classify sensitive data and configure appropriate protection controls based on data classification
  • Collaborate with business units to understand data flows and implement appropriate DLP controls
  • Generate DLP metrics and reports for compliance and risk management purposes

Skills

  • Have a bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related technical field
  • Equivalent work experience may be considered in lieu of a degree
  • 3+ years of hands-on experience in information security operations, SOC, or similar role
  • Have demonstrated experience with EDR platforms and endpoint security management
  • Have experience conducting incident response investigations and forensic analysis
  • Have hands-on experience with vulnerability management and remediation programs
  • Have experience with email security solutions and investigating phishing/BEC attacks
  • Be familiar with DLP technologies and data protection strategies
  • Have a track record of managing security incidents from detection through resolution
  • Possess a strong understanding of attack vectors, TTPs, and the MITRE ATT&CK framework
  • Be proficient in log analysis, correlation, and security event interpretation
  • Have experience with EDR platforms (CrowdStrike, SentinelOne, Microsoft Defender, Carbon Black, Cortex XDR)
  • Have hands-on experience with SIEM solutions (Splunk, QRadar, Azure Sentinel, LogRhythm, Elastic SIEM)
  • Be knowledgeable of vulnerability management tools (Tenable, Qualys, Rapid7)
  • Have experience with email security gateways (Proofpoint, Mimecast, Barracuda, Microsoft Defender for Office 365)
  • Be familiar with DLP platforms (Symantec DLP, Microsoft Purview, Forcepoint, Digital Guardian)
  • Understand network protocols, packet analysis, and network security monitoring
  • Have experience with scripting/automation (Python, PowerShell, Bash) for security operations
  • Be knowledgeable of cloud security (AWS, Azure, GCP) and hybrid environments
  • Understand security frameworks (NIST CSF, CIS Controls, ISO 27001, MITRE ATT&CK)
  • Be knowledgeable of compliance requirements (PCI DSS, HIPAA, SOX, GDPR) as applicable
  • Possess a strong security‑focused mindset with deep understanding of compliance frameworks
  • Work effectively under pressure and adapt to rapidly changing environments
  • Be highly analytical, detail‑oriented, and self‑driven with strong ownership
  • Possess excellent verbal and written communication skills
  • Possess strong collaboration, interpersonal skills, and consistent follow‑through

Benefits

  • Competitive compensation and benefits
  • Flexibility to manage your personal and professional life to focus on what matters most to you

Company Overview

  • Citrin Cooperman is a professional services firm that provides advisory, assurance, and tax solutions to clients. It was founded in 1979, and is headquartered in New York, New York, USA, with a workforce of 1001-5000 employees. Its website is http://www.citrincooperman.com/.

Company H1B Sponsorship

  • Citrin Cooperman has a track record of offering H1B sponsorships, with 1 in 2022, 1 in 2021, 3 in 2020. Please note that this does not guarantee sponsorship for this specific role.