Posted: 2 weeks ago
Platform:
Work from Office
Full Time
About the Job:
We are seeking a highly skilled Security Engineer with expertise in CrowdStrike's Next-Gen SIEM (Falcon LogScale) to join our Security Operations team. This role will focus on engineering, optimizing, and maintaining security detection and log management systems to enhance our threat detection and incident response capabilities. You will work closely with SOC analysts, threat hunters, and IT teams to deliver a robust and scalable security monitoring solution.

Responsibilities:
- Design, implement, and manage the CrowdStrike Falcon LogScale (Next-Gen SIEM) environment for real-time log ingestion, parsing, correlation, and alerting.
- Manage LogScale collector deployments, including monitoring, configuration, and fleet management.
- Develop and tune custom detection rules, dashboards, parsers, and alerts to identify malicious activities and policy violations.
- Integrate diverse log sources, including endpoints, firewalls, cloud platforms (AWS, Azure, GCP), and applications, into the SIEM environment.
- Collaborate with Threat Intelligence and Incident Response teams to develop use cases for detection and mitigation of advanced threats.
- Conduct performance tuning, optimization, and maintenance of the SIEM infrastructure to ensure high availability and scalability.
- Assist in developing automation scripts and tools for alert triage, response, and reporting.
- Ensure compliance with relevant security policies, standards, and frameworks (e.g., NIST, ISO 27001).
- Provide support during security investigations and incident response, including root cause analysis and remediation.
- Deliver documentation, including architecture diagrams, runbooks, and technical procedures.

Requirements:
- 3 years of experience in cybersecurity engineering.
- 3 years of hands-on experience with the CrowdStrike Falcon platform, with at least 1 year of administration experience in the platform's Raptor release.
- 1 year of experience administering CrowdStrike Next-Gen SIEM specifically.
- Strong knowledge of log management, SIEM/SOAR solutions, and security event correlation.
- Proficiency in query languages (e.g., CrowdStrike/LogScale Query Language (CQL/LQL), SPL, KQL, or similar).
- Experience integrating diverse log sources from on-prem and cloud environments.
- Experience with custom log parsers.
- Familiarity with detection engineering, threat modeling, and incident response workflows.

Preferred Skills:
- Experience with scripting languages (Python, Bash, PowerShell) for automation and integrations.
- Familiarity with EDR, NDR, and UEBA tools.
- Knowledge of the MITRE ATT&CK framework and threat detection methodologies.
- CrowdStrike certifications (e.g., CCFA, CCFR, CCFH, CCIS).
Herjavec Group