All roles

Open role

[Remote] Senior Security Engineer

Remote · Peru Full-time

Note: The job is a remote job and is open to candidates in USA. GXA is seeking a highly capable Security Engineer to support the delivery and operation of their gShield security services. This hands-on role focuses on incident response, security tool operations, remediation execution, client security support, and internal security improvement initiatives.

Responsibilities

  • Serve as a Tier 3 escalation point for active security incidents, including business email compromise (BEC), adversary-in-the-middle (AiTM), ransomware, and account compromise
  • Lead technical analysis during incident response and war room events, including log review, IOC hunting, and lateral movement tracing
  • Execute containment and eradication actions such as endpoint isolation, session revocation, and credential resets
  • Coordinate with SOC teams and vendor threat intelligence teams during active investigations and containment efforts
  • Produce accurate incident timelines, technical findings, and evidence packages for vCISO review and client-facing follow-up
  • Operate daily within the gShield toolstack, including platforms such as Huntress, Microsoft Defender for Endpoint (MDE), Cyrisma, DNSFilter, SIEM, and related security technologies
  • Perform alert triage, risk identification, scan issue resolution, and follow-through on issues surfaced by security tools
  • Support SIEM operations including query development, alert review, and rule tuning
  • Assist in tuning detection logic, scan settings, and platform effectiveness in coordination with Centralized Services and security leadership
  • Monitor for security gaps, suspicious activity, and control weaknesses across managed environments
  • Execute technical remediation items identified through MRMMs, preventative actions, vulnerability reviews, and security recommendations
  • Support gShield deliverables through technical validation, evidence gathering, scan review, and vulnerability analysis
  • Act as a quality assurance resource for client onboarding into the gShield toolstack, while execution remains with onboarding and Centralized Services teams
  • Assist with client hardening efforts and follow-through on security improvement actions across managed environments
  • Support remediation of internal GXA security backlog items, including POA&M-related work
  • Assist with rollout and support of phishing-resistant MFA, passkeys, and other internal security initiatives
  • Contribute to security engineering efforts related to Intune, Defender, ThreatLocker, AppLocker, and RMM scripting
  • Help improve internal security controls, tool effectiveness, and technical enforcement mechanisms
  • Write and maintain security engineering SOPs, runbooks, detection playbooks, and response procedures related to gShield operations and incident response
  • Document technical findings, repeatable procedures, and lessons learned from incidents and tool operations
  • Collaborate with security leadership and technical stakeholders on process improvements, skill development, and automation opportunities
  • Contribute technical depth to broader security documentation where needed, while recognizing that ownership of policy, standards, and governance documentation remains with security leadership and related functions

Skills

  • 5–7+ years of experience in cybersecurity, security operations, security engineering, or incident response roles
  • Strong hands-on experience with incident response, threat detection, and security operations workflows
  • Experience working with security platforms such as Microsoft Defender, Huntress, DNSFilter, SIEM solutions, vulnerability management tools, and endpoint security technologies
  • Ability to investigate security alerts, analyze logs, trace attacker activity, and support containment and remediation
  • Familiarity with common attack types including phishing, BEC, account compromise, ransomware, and identity-based attacks
  • Experience supporting security controls in Microsoft 365 and endpoint environments
  • Strong documentation skills and ability to write clear technical procedures and findings
  • Ability to work calmly and methodically during active incidents and escalations
  • Strong collaboration and communication skills with both internal teams and leadership stakeholders
  • Experience in an MSP, MSSP, or multi-client environment
  • Familiarity with Intune, Microsoft Defender, AppLocker, ThreatLocker, and RMM-based scripting or automation
  • Understanding of CIS benchmarks, security hardening standards, and configuration drift monitoring
  • Experience supporting vulnerability remediation and technical aspects of vCISO or managed security programs
  • Security certifications such as Security+, CySA+, SC-200, SC-300, AZ-500, GCIH, GCIA, or similar are a plus

Company Overview

  • GXA is a IT consulting company that offers disaster management, backup and data recovery and various such IT related solutions to companies. It was founded in 2008, and is headquartered in Richardson, Texas, USA, with a workforce of 11-50 employees. Its website is https://gxait.com/.
  • More open positions

    [Remote] Director, Credentialing Operations (Health Plan Credentialing Experience)

    Work from home Full-time role

    [Remote] Senior Solutions Consultant

    Work from home Full-time role

    [Remote] Sr. Project Manager

    Work from home Full-time role

    [Remote] Product Manager - STINGER

    Work from home Full-time role

    [Remote] Director of Coding Operations

    Work from home Full-time role

    Experienced Remote Customer Support Representative – Delivering Exceptional Customer Experiences at careerzynith

    Work from home Full-time role

    Experienced Full Stack Data Entry Specialist – Remote Work Opportunity at careerzynith

    Work from home Full-time role

    Talent Acquisition Manager, Operations and Quality - Quality and Compliance (Remote)

    Work from home Full-time role

    Telecom Design Technician I

    Work from home Full-time role

    Experienced Customer Service Representative – Tax Season Support

    Work from home Full-time role

    Podcast Assistant Producer — Storytelling & Audio Craft Job at Slate-Magazine in

    Work from home Full-time role

    Staff Product Manager

    Work from home Full-time role

    Experienced Customer Service Associate II - Hybrid Role at careerzynith

    Work from home Full-time role

    Experienced Seller Customer Service Representative – Driving Seller Satisfaction and Operational Excellence at careerzynith

    Work from home Full-time role

    Remote Customer Support Analyst – Data Analytics & Product Management – Full‑Time Work‑From‑Home Position at careerzynith

    Work from home Full-time role

    Vendor Management Specialist - Remote (2 Openings)

    Work from home Full-time role

    Research Lab Manager

    Work from home Full-time role

    Bodily Injury Claim Specialist - Tampa, Florida

    Work from home Full-time role

    Senior Mainframe Systems Programmer - zOS

    Work from home Full-time role

    IT-Projektmanager/Product Owner (m/w/d)

    Work from home Full-time role

    AVP, Brand Management

    Work from home Full-time role