Remote Opportunity || Sr Security Engineer with Firewall, EDR , SIEM, Email Security || Contract

Job Title: Security Engineer with Firewall, EDR , SIEM, Email Security Location: Remote- USA Mode of Hire: Contract Job Description: Adding the specific tools to look for , • Firewalls: Sonic Wall, Cisco Meraki • EDR: Microsoft Defender & XDR • SIEM: Azure Sentinel • Email Security: Proofpoint / M365 Security • VAPT - Tenable Io, Nessus and Rapid 7 Experience: 7 10+ years Reports To: Security Architecture Lead Role Summary We are seeking a highly skilled Senior Security Engineer (Level 3) to design, implement, and optimize our enterprise security controls. This role requires deep technical expertise in firewalls, endpoint detection & response (EDR), SIEM engineering, and email security platforms. The ideal candidate will act as a technical SME, lead advanced threat analysis, support incident response, and guide junior engineers. Key Responsibilities: 1. Firewall Engineering & Network Security • Architect, configure, and maintain enterprise firewalls (Palo Alto / Fortinet / Cisco / Check Point). • Create, review, and optimize security policies, NAT rules, segmentation, and zero-trust network zones. • Perform firewall upgrades, log analysis, policy audits, and change management. • Lead troubleshooting of advanced network security issues (L3/L4/L7). • Integrate firewall telemetry with SIEM and automation platforms. 2. Endpoint Detection & Response (EDR) • Serve as SME for EDR platforms (CrowdStrike, SentinelOne, Microsoft Defender, Carbon Black, etc.). • Tune detection rules, behavioral analytics, and response playbooks. • Manage EDR deployments, health checks, version upgrades, and agent monitoring. • Analyze suspicious endpoint activity, malware behavior, lateral movement attempts, and persistence methods. • Collaborate with IR team for endpoint containment and forensic investigations. 3. SIEM Engineering & Log Analytics • Own SIEM platform engineering (Splunk / MS Sentinel / QRadar / Elastic). • Build and tune correlation rules, dashboards, parsers, and automated threat response workflows. • Onboard new log sources (firewalls, servers, EDR, cloud services, UBA, email gateways). • Conduct threat hunting using SIEM, UEBA, and network telemetry. • Improve detection coverage based on MITRE ATT&CK and past incidents. 4. Email Security & Messaging Protection • Manage secure email gateways (Proofpoint / Mimecast / Microsoft Defender M365). • Implement DMARC, DKIM, SPF, anti-spam, anti-phishing, URL rewriting, and attachment sandboxing. • Investigate phishing campaigns, BEC attempts, malware attachments, and credential harvesting. • Tune policies to reduce false positives and increase threat visibility. 5. Incident Response & Threat Analysis • Act as L4 escalation for major incidents across endpoints, email, network, and cloud. • Perform deep-dive analysis including packet captures, log correlation, malware triage, and kill chain mapping. • Support threat hunting, threat intel integration, and adversary behavior analysis. 6. Security Architecture & Hardening • Recommend architecture improvements for network segmentation, endpoint hardening, and identity security. • Perform risk assessments, vulnerability reviews, and security control validation. • Lead technical evaluations for new security technologies and vendors. • Contribute to zero-trust architecture planning and implementation. 7. Automation, Integrations & Documentation • Use scripting (Python, PowerShell, Bash) to automate repetitive tasks and log parsing. • Integrate security tools with SOAR platforms. • Create runbooks, design documents, diagrams, and engineering-level documentation. • Mentor junior security engineers and provide L3/L4 engineering guidance. Required Qualifications: • 7 10+ years of experience in security engineering or SOC engineering. • Advanced experience with: • Firewalls: Palo Alto / Fortinet / Cisco / Check Point • EDR: CrowdStrike / SentinelOne / Defender • SIEM: Splunk / Sentinel / QRadar / Elastic • Email Security: Proofpoint / Mimecast / M365 Security • Strong understanding of TCP/IP, DNS, TLS, VPN, routing, switching, and network protocols. • Deep knowledge of threat detection, malware analysis fundamentals, and adversary TTPs. • Experience with MITRE ATT&CK, NIST, CIS controls, and enterprise security frameworks. • Strong scripting knowledge (Python/PowerShell preferred). • Experience in cloud environments (AWS / Azure / Google Cloud Platform) preferred. Preferred Certifications: • CISSP • CCSP • Palo Alto PCNSE or equivalent • GIAC GCIA / GCIH / GCED / GCFA • Microsoft SC-200 / SC-300 • CrowdStrike or SentinelOne certifications Soft Skills: • Strong analytical and problem-solving mindset. • Ability to lead high-severity incidents under pressure. • Excellent communication and documentation skills. • Ability to mentor and guide junior team members. PSRTEK is a reputed technology recruitment and IT staffing brand with a global footprint and an admired client base. As an ideas and innovation powerhouse with a culture of excellence, we bring remarkable expertise and deliver powerfully transformative results. Apply tot his job Apply To this Job