Information Security Engineer(SOC/SIEM(Splunk, CrowdStrike, Scripting)

Our fast-paced and collaborative environment inspires us to create, think, and challenge each other in ways that make our solutions and our teams better. Whether you’re interested in engineering or development, marketing or sales, or something else – if this sounds like you, then we’d love to hear from you!

We are headquartered in Denver, Colorado, with offices in the US, Canada, and India.

Description

As an Information Security Engineer II, you will serve as a key contributor in security operations, combining core analyst responsibilities with light engineering tasks. You will monitor and respond to security events, support vulnerability and application security efforts, and contribute to automation and tool optimization initiatives. This role is ideal for professionals with strong analytical skills and a foundational understanding of scripting and security tooling.

Key Responsibilities:

Essential job functions include but are not limited to the following:

Security Operations & Incident Response

• Monitor and analyze security alerts from SIEM, EDR, and vulnerability scanners.
• Assist in investigating medium to high-severity incidents with guidance.
• Contribute to incident response playbook updates and automation improvements.
• Correlate threat intelligence with internal events to assess impact.
• Support forensic analysis and evidence collection with MDR/MSSP partners.

Security Engineering & Automation:

• Develop basic scripts (e.g., Python, PowerShell) to automate repetitive security tasks.
• Support integration and tuning of security tools (SIEM, SOAR, EDR).
• Assist in building dashboards and reports for security metrics.

Application Security Support

• Review and validate automated scan results (e.g., Veracode).
• Identify false positives and provide remediation guidance.
• Support CI/CD pipeline security integration and issue resolution.

Vulnerability Management

• Conduct CVE research and impact analysis using CVSS scoring.
• Assist in prioritizing and tracking remediation efforts.
• Support development of vulnerability dashboards and reports.

Compliance & Documentation

• Support audit and compliance activities by maintaining documentation.
• Contribute to security procedures, knowledge base articles, and metrics reporting.

Team Collaboration & Mentorship

• Mentor junior team members on investigation and documentation practices.
• Participate in onboarding and knowledge sharing activities.
• Contribute to team process improvements and tool evaluations.

Knowledge, Skills and Abilities:

• 3 - 5 years of experience as an Information Security Engineer
• Experience in network security fundamentals (TCP/IP, SSL, PKI, RADIUS, DNS, routing/switching)
• Proficiency with multiple tools related to SOC / SIEM, such as Splunk, CrowdStrike.
• Proficiency with multiple security tools Check Point, Cisco ASA, Imperva WAF, Carbon Black/ , Forcepoint, Qualys
• Intermediate scripting capabilities in PowerShell, Python, or shell scripting with ability to develop basic automation
• Good knowledge of security vulnerabilities, attack vectors, and the OWASP Top 10
• Solid understanding of operating systems security for both Windows and Linux environments, and, working knowledge of cloud security concepts, preferably AWS
• Proficient in Git, GitLab, and commercial software scanning solutions
• Good knowledge of Agile planning processes and associated tools (Jira, Rally, Confluence)
• Familiarity with ServiceNow for case management and workflow development
• Solid knowledge of threat modeling methodologies
• Good understanding of the NVD, CVEs, and CVSS 3.0 scoring systems
• Knowledge of incident response practices and basic forensic analysis techniques
• Understanding of APIs and common security implementation methods
• Strong communication skills with ability to present security topics to technical and business audiences
• Developing leadership and mentoring capabilities
• Good analytical thinking and problem-solving skills
• Ability to work independently with moderate supervision
• Basic project coordination skills

Why Vertafore is the place for you: *Canada Only

• The opportunity to work in a space where modern technology meets a stable and vital industry
• Medical, vision & dental plans
• Life, AD&D
• Short Term and Long Term Disability
• Pension Plan & Employer Match
• Maternity, Paternity and Parental Leave
• Employee and Family Assistance Program (EFAP)
• Education Assistance
• Additional programs - Employee Referral and Internal Recognition

Why Vertafore is the place for you: *US Only

• The opportunity to work in a space where modern technology meets a stable and vital industry
• We have a Flexible First work environment! Our North America team members use our offices for collaboration, community and team-building, with members asked to sometimes come into an office and/or travel depending on job responsibilities. Other times, our teams work from home or a similar environment.
• Medical, vision & dental plans
• PPO & high-deductible options
• Health Savings Account & Flexible Spending Accounts Options:
• Health Care FSA
• Dental & Vision FSA
• Dependent Care FSA
• Commuter FSA
• Life, AD&D (Basic & Supplemental), and Disability
• 401(k) Retirement Savings Plain & Employer Match
• Supplemental Plans - Pet insurance, Hospital Indemnity, and Accident Insurance
• Parental Leave & Adoption Assistance
• Employee Assistance Program (EAP)
• Education & Legal Assistance
• Additional programs - Tuition Reimbursement, Employee Referral, Internal Recognition, and Wellness
• Commuter Benefits (Denver)

The selected candidate must be legally authorized to work in the United States.

The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all the job responsibilities, duties, skill, or working conditions. In addition, this document does not create an employment contract, implied or otherwise, other than an "at will" relationship.

Vertafore strongly supports equal employment opportunity for all applicants regardless of race, color, religion, sex, gender identity, pregnancy, national origin, ancestry, citizenship, age, marital status, physical disability, mental disability, medical condition, sexual orientation, genetic information, or any other characteristic protected by state or federal law.

The Professional Services (PS) and Customer Success (CX) bonus plans are a quarterly monetary bonus plan based upon individual and practice performance against specific business metrics. Eligibility is determined by several factors including: start date, good standing in the company, and actives status at time of payout.

The Vertafore Incentive Plan (VIP) is an annual monetary bonus for eligible employees based on both individual and company performance. Eligibility is determined by several factors including: start date, good standing in the company, and actives status at time of payout.

Commission plans are tailored to each sales role but common components include quota, MBO's and ABPMs. Salespeople receive their formal compensation plan within 30 days of hire.

Vertafore is a drug free workplace and conducts preemployment drug and background screenings.

We do not accept resumes from agencies, headhunters or other suppliers who have not signed a formal agreement with us.

We want to make sure our recruiting process is accessible for everyone. if you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact recruiting@vertafore.com

Just a note, this contact information is for accommodation requests only.

Qualifications

• B.Tech/B.E. in Computer Science, Information Technology, Electronics & Communication, or related engineering discipline, or equivalent combination of education and working information security experience required
• Minimum 3.5-5 years of Information Security experience or 3-5 years of Information Technology experience
• Minimum 2 years of hands-on experience with programming or scripting in languages such as JavaScript, Python
• Security certifications such as Security+, SSCP, or progress toward CISSP/SANS GIAC certifications preferred
• Demonstrated experience in mentoring or coordinating with technical team members

Additional Requirements and Details:

• Located and working from the Hyderabad office
• Able to work at least a portion of the day when US offices are open
• Participate in on-call rotation for critical security incidents
• Occasional lifting and/or moving up to 10 pounds
• Frequent repetitive hand and arm movements required to operate a computer
• Specific vision abilities required by this job include close vision (working on a computer, etc.)
• Frequent sitting and/or standing