Sr. Cybersecurity Engineer
Remote for New York, New Jersey, and Connecticut
Come Join Our Passionate Team! At Barracuda, we make the world a safer place. We believe every business deserves access to cloud-enabled, enterprise-grade security solutions that are easy to buy, deploy, and use. We protect email, networks, data and applications with innovative solutions that grow and adapt with our customers’ journey. More than 220,000 organizations worldwide trust Barracuda to protect them — in ways they may not even know they are at risk — so they can focus on taking their business to the next level.
We know a diverse workforce adds to our collective value and strength as an organization. Barracuda Networks is proud to be an Equal Opportunity Employer, committed to equal employment opportunity and equitable compensation regardless of race, gender, religion, sex, sexual orientation, national origin, or disability.
Envision yourself at Barracuda:
This position requires a strong background in security, security platforms, and detecting incidents while providing support for customers’ SIEM Technologies, as it is focused on data ingestion from multiple IaaS, PaaS and SaaS services. You will be part of a team that is responsible for detecting security threats across our customers. You possess strong technical hands-on experience in delivering use cases and detection rules for multiple attack vectors. You help by developing detection methods to make sure we can identify potential threats and take action to stop them. You conduct attacks against our detection methods and learn and continuously strengthen our services. When our customers have a real incident, you are responsible for leading the Incident Response process by providing 24/7/365 support. You will be leading R&D tasks around innovation and features to better service our customers. You are also the primary support for managing the top 30 Annual Recurring Revenue Customers. You will be collaborating with other team members daily. Being a team player is necessary for being successful in this role along with having an innovative and forward-facing mindset. You will be a leader within the team and act as a mentor to other team members.
What you'll be working on:
- Research and develop new integrations to support the ever-changing cyber space.
- Ensure proper enrichment and validation of customer data across multiple technologies.
- Automation of manual SOC processes via scripting.
- Threat Intelligence Database Maintenance in AWS.
- Machine Learning Detections.
- Develop detection rules to support alerting and response capabilities for our SOC services.
- Continually improve Incident Response process for all customers and identify gaps.
- Develop innovative and scalable tools, cutting-edge offensive security techniques, and processes to enhance the team's velocity and scale.
- Conduct Attack & Defend exercises along with threat intel research to improve new and existing use cases based on new exploits and TTPs.
- Maintain Red Team lab in cloud environment for offensive security testing.
- Implement and execute procedures for administration, management, and lifecycle of the SIEM
- Protect and Manage Top 30 ARR Customers by being the lead for all their security needs.
- Lead Incident Response engagements.
- Create training on new features and products for the SOC.
- Communicate clearly and effectively, both written and orally, the risks that exist and remediations required for any security incident.
- Work collaboratively and independently on unique or special assignments which may require specialized knowledge and/or experience
- 24x7x365 support for Code Orange/Incident Response
- Tier-2 escalation point
What you bring to the role:
- 4 or more years’ experience in security performing intrusion detection, analysis, incident handling, information technology or security discipline.
- Strong Knowledge of AWS/Azure IaaS and different functionalities within.
- Strong Knowledge of AWS Lambda functions
- Strong Knowledge of Machine Learning and Artificial Intelligence.
- CompTIA Network+ or Security+ CEH is desired.
- Experience in developing parsers and SIEM correlation rules to detect new threats beyond current capabilities.
- Hands-on experience with Windows, Unix and Linux Operating Systems
- Understanding of OSI layers, network protocols (IP, ICMP, TCP, UDP), network services (DNS, DHCP, HTTP), routing protocols
- Working knowledge of Threat intelligence to interpret IOCs and translate them for SIEM alerting.
- Experience with IDS & IPS
- Coding skills in Regex, Python, PowerShell & Bash (Highly Preferred)
- Hands-on experience with cloud architecture such as AWS or Azure.
- CEH, CCNA or AWS Certifications (Highly Preferred)
- Bachelor's/Master's degree in Cybersecurity or Information Security, or related field experience.
What you’ll get from us:
A team where you can voice your opinion, make an impact, and where you and your experience are valued. Internal mobility – there are opportunities for cross training and the ability to attain your next career step within Barracuda.
- High-quality health benefits
- Retirement Plan with employer match
- Career-growth opportunities
- Flexible Time Off and Paid Time Off benefits
- Volunteer opportunities