- Company Name
- RevSpring
- Job Title
- Security Engineer – Tool Ownership, Integration & Maturity
- Job Description
**Role Summary:**
Owner of the end‑to‑end lifecycle of enterprise security platforms (SIEM, EDR/XDR, SOAR, CSPM, IAM, vulnerability management). Responsible for integrating, automating, and optimizing these tools to enhance security posture, reduce noise, and support compliance. Works cross‑functionally to embed security into all systems, processes, and DevSecOps workflows.
**Expectations:**
- Deliver measurable improvement in security maturity and ROI of tools.
- Reduce alert fatigue while maintaining high‑quality risk signals.
- Maintain up‑to‑date control maps and compliance coverage.
- Communicate tool performance and security outcomes to leadership in clear, data‑driven reports.
- Adapt to evolving threats, regulatory changes, and business priorities.
**Key Responsibilities:**
1. Own security platform lifecycle: procurement, deployment, configuration, tuning, and retirement.
2. Integrate and automate SIEM, SOAR, EDR/XDR, CSPM, IAM, and vulnerability tools across on‑prem, cloud, and SOC environments.
3. Continuously tune alerting, dashboards, and policies to minimize noise and maximize signal.
4. Maintain security control maps, maturity roadmaps, and KPI/ROI dashboards.
5. Identify coverage gaps, eliminate redundancies, and enforce tool governance.
6. Conduct risk assessments, security audits, and architecture reviews.
7. Design, implement, and maintain compliance frameworks (HIPAA, HITRUST, PCI‑DSS, SOX, GLBA, NIST, ISO 27001).
8. Lead incident response planning, execution, and post‑mortem review.
9. Develop scripts (Python, PowerShell, Bash) and APIs to automate security operations and embed controls in CI/CD pipelines.
10. Produce documentation, runbooks, diagrams, and training materials to support repeatable improvements.
11. Partner with procurement, risk, and compliance teams on tool renewals, licensing, and governance.
**Required Skills & Experience:**
- 4–7 years in Security Engineering, SOC Engineering, or DevSecOps.
- Deep knowledge of at least three security domains: SIEM, EDR/XDR, SOAR, CSPM, IAM, or vulnerability management.
- Cloud security experience with AWS, Azure, or GCP; implementation of controls across cloud environments.
- Proficiency in scripting (Python, PowerShell, Bash) and API integration.
- Familiarity with NIST CSF, HITRUST, ISO 27001/27002, CIS Controls, COBIT, ITIL, and MITRE ATT&CK.
- Experience in automated threat detection, penetration testing, or advanced threat‑hunting tools.
- Strong project management, reporting, stakeholder communication, and data‑driven decision making.
- Ability to translate technical details into business relevance for non‑technical audiences.
- Proven independent work ethic supported by collaborative team contributions.
**Required Education & Certifications:**
- Bachelor’s degree in Computer Science, Cybersecurity, or equivalent professional experience.
- Relevant certifications: CISSP, CISM, GCIA, GDSA, AWS Security Specialty, or comparable credentials.