Job Description:
The Sr. Engineer I, Security is responsible for strengthening our global Security Engineering & Operations team and enhancing our overall security posture. The incumbent will play a key role in building scalable security capabilities, leveraging automation and emerging technologies to make our defenses smarter and more efficient.
- Develop and maintain security tooling, guidelines, and standards for the Security Engineering team.
- Participate in threat intelligence and forensic analysis exercises, with guidance from more senior engineers.
- Work closely with application and infrastructure teams on mitigation of vulnerabilities against all cloud-hosted systems.
- Create and maintain thorough runbooks and incident response documentation for the Security Operations Center (SOC).
- Create and monitor correlated event dashboards in the SIEM, alerting against thresholds you develop.
- Research, implement, and configure security protections for email, hosts, and identities.
- Write scripts to automate manual tasks.
- Run and support incident response activities in collaboration with the production IR team during active security incidents.
- Mentor junior team members in security operations.
- Create and provide training to assist new staff and internal teams.
- Perform other duties that support the overall objective of the position.
Education Required:
- Bachelor's degree in Information Systems, Computer Science, or related discipline.
- Or, any combination of education and experience which would provide the required qualifications for the position.
Experience Required:
- 5+ years of experience in a security operations center, focusing on threat intelligence, incident response, blue team operations, and SIEM query or workflow creation.
License/Certification Required:
- CEH, SANS, ISC2 (CISM, CISSP, CCSP, etc.), AWS, GCP, or Azure certifications preferred but not required.
Knowledge, Skills & Abilities:
- Knowledge of: Working knowledge of SOC operations and incident response procedures and the tooling that supports them, including EDR, SWG, CASB, email threat protection, SIEM and SOAR platforms, threat intelligence frameworks (MITRE ATT&CK), vulnerability and identity management, network security tools (firewalls, IDS/IPS), scripting (Python or PowerShell), cloud-native security services (AWS, Azure, GCP), forensic and log analysis, and documentation platforms for preserving security operations materials.
- Skill in: Strong analytical and problem-solving skills; ability to troubleshoot complex systems; effective teamwork and communication skills.
- Ability to: Assess system behavior, anticipate the impacts of change, present confidently to various audiences, prioritize and execute multiple tasks, and build respectful, collaborative relationships.
The company has reviewed this job description to ensure that essential functions and basic duties have been included. It is intended to provide guidelines for job expectations and the employee's ability to perform the position described. It is not intended to be construed as an exhaustive list of all functions, responsibilities, skills and abilities. Additional functions and requirements may be assigned by supervisors as deemed appropriate. This document does not represent a contract of employment, and the company reserves the right to change this job description and/or assign tasks for the employee to perform, as the company may deem appropriate.
NextGen Healthcare is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.