Sr. Information Security Engineer

Full Time
Farmers Branch, TX
Areas of Interest: Incident Response, Threat Analysis
report a problem

Push us. Amaze us. Inspire us.

The VMware Information Security Operations team is responsible for detecting and responding to cyber threats targeting VMware systems, applications, infrastructure, information, and users. The Information Security Engineer is a highly technical role responsible for developing and maintaining threat monitoring capabilities used by the Security Operations Center (SOC) team. The ideal candidate will have strong experience implementing and maintaining security event monitoring and analysis solutions for large enterprises. This candidate will also have deep expertise in large scale threat analysis of event data from commercial and open source infrastructure technology platforms.

This position is responsible for:
  • Driving the development and ongoing tuning and optimization of security event monitoring and analysis application platforms.
  • Providing subject matter expertise on advanced threat analysis against large data sets.
  • Contributing to the strategic direction for the next generation of security monitoring and response capabilities at VMware.
  • Implementing processes, capabilities, and techniques for proactive threat hunting.
  • Developing, documenting, and maintaining common data standards for data normalization.
  • Ongoing review and analysis of threat intelligence data correlation against event data sets for relevance.
  • Developing and maturing active threat monitoring use case portfolio.
  • Designing and implementing dashboards and data visualizations for various stakeholders.
  • Developing and implementing KPI and metric reporting related the threat analysis.
  • Maintaining current knowledge of emerging cyber security threats.
  • Maintaining a high level of confidentiality.

Required skills and experience: 
  • 8-10 years of experience in cyber threat hunting, data analysis, and configuration of security monitoring platforms.
  • Extensive experience implementing and supporting SIEM products, including Splunk Enterprise, Elastic Stack, and AlienVault.
  • Strong understanding of threat analysis and incident response practices and methodologies.
  • Expert technical knowledge of Internet security, networking protocols, and related technologies, including IDS/IPS, firewalls, content filtering, and packet inspection.
  • Experience implementing security detection and response capabilities in cloud computing environments.
  • Experience with endpoint security analysis, including Tanium, McAfee ePO, Windows, Mac, and Linux host event data.
  • Experience with security behavioral analytics platforms used for user and entity behavioral analytics and anomaly detection.
  • Participate in evaluating, recommending, implementing, and troubleshooting security tools.
  • Strong analytical skills and ability to identify advanced threats.
  • Ability to interact effectively at all levels of an organization and across diverse cultural and linguistic barriers.
  • Ability to work effectively as part of a team and independently with minimal supervision.
  • Availability outside working hours for high priority events.
  • Strong written and verbal communications.
  • Ability to prioritize projects and deliverables.

Desired skills/experience/certification:
  • Bachelor’s degree or equivalent experience.
  • ​Certifications such as GCIH, GIAC, CISSP, Splunk Certified Architect.
  • Scripting skills such as Python, Perl, Shell, Bash, RegEx, Splunk query language.
EEO Statement
VMware is an equal opportunity employer committed to the principles of equal employment opportunity and affirmative action for all applicants and employees. Equal opportunity and consideration are afforded to all qualified applicants and employees in personnel actions, which include: recruiting and hiring, selection for training, promotion, rates of pay or other compensation, transfer, discipline, demotion, layoff or termination. VMware does not unlawfully discriminate on the basis of race, color, religion, sexual orientation, marital status, pregnancy, gender identity, gender expression, family medical history or genetic information, citizenship, national origin or ancestry, sex, age, physical or mental disability, medical condition, veteran status, military status, or any other basis protected by federal, state or local law, ordinance or regulation. VMware also makes reasonable accommodations for disabled employees consistent with applicable law. Further, it is the policy of VMware to maintain a working environment free of all forms of harassment.

Share this job:


See why VMware was named a "Best Place to Work"
VMware is the leader in cloud infrastructure, business mobility and virtualization software. A pioneer in the use of virtualization and policy-driven automation technologies, VMware simplifies IT complexity across the entire data center to the virtual workplace, empowering customers with solutions in the software-defined data center to hybrid cloud computing and the mobile workspace. With 2014 revenues of $6.04 billion, VMware has more than 500,000 customers, 75,000 partners, and 18,000+ employees in 120+ locations around the world. At the core of what we do are our employees who deeply value execution, passion, integrity, customers, and community. Want to be part of a compassionate community that thrives on architecting what’s next in IT? Learn more at
Visit VMware's Social Media pages:
Company Industry: Computer Software
Company Type: Public Company
Company Size: 10,001+