Security Engineer II (Security Clearance) - Remote
Role summary
The Security Engineer II role focuses on enhancing security operations by designing, implementing, and optimizing SIEM solutions, specifically leveraging Elastic Security/Kibana. Responsibilities include developing and tuning detection rules, investigating alerts, analyzing telemetry from various sources (identity, endpoint, network, cloud), and mapping logic to MITRE ATT&CK. The role requires proficiency in query languages (KQL, EQL, etc.), knowledge of common log sources, familiarity with AWS cloud security, and scripting skills in Python or Bash. This is a remote, full-time position within the cybersecurity industry, offering a competitive salary range and benefits.
- About Our Client:
The organization operates in the cybersecurity industry, focusing on protecting digital experiences for leading companies worldwide. It addresses the challenge of securing vast, distributed systems and infrastructure in a complex, cloud-driven environment. By delivering advanced security solutions and managing security operations, the company maintains system integrity and compliance with security requirements, helping billions of users live, work, and play online securely. The company operates a globally distributed compute platform, from cloud to edge, that it uses to optimize security and performance at scale.
- About the Opportunity:
The Security Engineer II is responsible for designing, implementing, and optimizing Security Information and Event Management (SIEM) solutions to enhance security operations. This role directly supports the organization’s cybersecurity efforts by improving threat detection, investigation, and response capabilities. The position plays a critical role in integrating diverse data sources, tuning detection rules, and collaborating with cross-functional teams to maintain and elevate operational security standards.
- Responsibilities:
• Develop, test, and tune Elastic Security (Kibana) detection rules
• Investigate Elastic Security (Kibana) alerts and document findings, scope, and recommended actions
• Analyze telemetry from identity, endpoint, network, and cloud data sources
• Improve alert accuracy through tuning, exception management, and rule lifecycle maintenance
• Map detection logic to MITRE ATT&CK and maintain investigation guidance
• Build dashboards, saved searches, and queries to support investigations and visibility
• Collaborate with SecOps, IR, IAM, cloud, and infrastructure teams to enhance detection and response
• Identify data quality gaps, field mapping issues, and logging deficiencies affecting detection
• Utilize scripting languages such as Python, Bash, JavaScript, or PowerShell
- Requirements:
• Minimum 5 years of experience in security operations, detection engineering, threat detection, or incident response
• Experience with Elastic Security / Kibana or similar SIEM platforms
• Proficiency in writing and tuning detections using KQL, EQL, ES|QL, SPL, or similar query languages
• Knowledge of common log sources including authentication, endpoint, network, and cloud audit logs
• Familiarity with cloud security concepts, particularly AWS
• Understanding of MITRE ATT&CK framework, alert triage, and false positive reduction
• Working knowledge of scripting in Python or Bash
- Pay Range and Compensation Package:
• For US-based candidates, the base salary ranges from $80,900 to $168,100 per year, determined by factors including experience, skills, certifications, and location
• Compensation outside the US varies
• The package may include annual bonuses, equity awards, and an Employee Stock Purchase Plan (ESPP)
- Benefits & Perks:
• Healthcare coverage
• 401K savings plan
• Paid company holidays
• Paid time off (vacation and sick leave)
Equal Opportunity Statement: Our client is an equal opportunity employer. They celebrate diversity and are committed to creating an inclusive environment for all employees. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, or national origin.
Note:
RemoteHunter is not the Employer of Record (EOR) for this role. Our purpose in this opportunity is to connect exceptional candidates with leading employers. We help job seekers worldwide discover roles that match their goals and guide them to complete their full application directly through the hiring company’s career page or ATS.
