Security Platform Engineer

Technical Support: New York; Ann Arbor, Michigan; Alpharetta, Georgia; Connecticut; Chelmsford, Massachusetts; New Jersey; Atlanta, Georgia; Boston, Massachusetts

Job ID: 23-240

Come Join Our Passionate Team! At Barracuda, we make the world a safer place. We believe every business deserves access to cloud-enabled, enterprise-grade security solutions that are easy to buy, deploy, and use. We protect email, networks, data, and applications with innovative solutions that grow and adapt with our customers’ journey. More than 220,000 organizations worldwide trust Barracuda to protect them — in ways they may not even know they are at risk — so they can focus on taking their business to the next level.

We know a diverse workforce adds to our collective value and strength as an organization. Barracuda Networks is proud to be an Equal Opportunity Employer, committed to equal employment opportunity and equitable compensation regardless of race, gender, religion, sex, sexual orientation, national origin, or disability.

Envision yourself at Barracuda:

This position requires a strong background in security, security platforms, and incident detection while providing support for customers’ SIEM technologies, as it is focused on data ingestion from multiple IaaS, PaaS, and SaaS services. You will be part of a team that is directly responsible for detecting security threats across our customers. You possess strong hands-on technical experience in delivering use cases and detection rules for multiple attack vectors. You help by developing detection methods to make sure we can identify potential threats and take action to stop them. You conduct attacks against our detection methods, learn from the results, and continuously strengthen our services. When our customers have a real incident, you are responsible for leading the Incident Response process by providing 24/7/365 support. You are also the primary support for managing the top 30 Annual Recurring Revenue customers. You have a natural curiosity for all things security and are passionate about all things security-related. You will be collaborating with other team members daily. Being a team player is a must for being successful in this role.

What you'll be working on:

Proactive:

  • Research new and existing log sources and evaluate and implement counter detection methods.
  • Develop detection rules to support alerting and response capabilities for our SOC services.
  • Continually improve the Incident Response process for all customers and identify gaps.
  • Develop attack detection methods and manage these methods using tools such as Elastic, FortiSIEM, and Respond.
  • Conduct Attack & Defend exercises in the SOC to improve quality.
  • Perform advanced threat and malware analysis.
  • Manage the SOC ticketing system.
  • Conduct SOC training.
  • Perform advanced threat hunting.
  • Investigate new products and services and make recommendations.
  • Assist SOC with customer meetings and support requests.
  • Design custom dashboards for the SOC to enable faster alarm analysis.
  • Implement and execute procedures for the administration, management, and lifecycle of the SIEM.
  • Protect and Manage Top 30 ARR Customers by being the lead for all of their security needs.
  • Lead Incident Response engagements.

Reactive:

  • 24x7x365 support for Code Orange/Incident Response.
  • Tier-3 backup for Endpoint and Email Protection services.
  • Tier-2 escalation point.
  • Tier-3 backup for FortiGate/FortiMail.

What you bring to the role:

  • 2 or more years of experience in security performing intrusion detection, analysis, or incident handling, or in information technology or another security discipline.
  • CompTIA Network+ or Security+, or CEH, is desired.
  • Experience in developing parsers and SIEM correlation rules to detect new threats beyond current capabilities.
  • Hands-on experience with Windows, Unix, and Linux operating systems.
  • Understanding of OSI layers, network protocols (IP, ICMP, TCP, UDP), network services (DNS, DHCP, HTTP), and routing protocols.
  • Working knowledge of threat intelligence to interpret IOCs and translate them into SIEM alerting.
  • Experience with IDS and IPS.
  • Coding skills in regex, Python, PowerShell, and Bash (Highly Preferred).
  • Hands-on experience with cloud architecture such as AWS or Azure.
  • CEH, CCNA, or AWS certifications (Highly Preferred).
  • Bachelor's or master’s degree in cybersecurity, information security, or a related field, or equivalent experience.

What you’ll get from us:

A team where you can voice your opinion, make an impact, and where you and your experience are valued. Internal mobility – there are opportunities for cross-training and the ability to attain your next career step within Barracuda.

  • High-quality health benefits
  • Retirement Plan with employer match
  • Career-growth opportunities
  • Flexible Time Off and Paid Time Off benefits
  • Volunteer opportunities

#LI-Hybrid
#LI-PS1
#LI-DM1