Address
Form of work The Security Operations Engineer role provides daily incident response in addition to providing 24x7 support and operational availability of the security infrastructure. Responsibilities include the monitoring and investigation of security alerts, implementation of new security technologies, day-to-day operations, and change management of all deployed security technologies.
RESPONSIBILITIES
REQUIREMENTS
RESPONSIBILITIES
- Analyze potential infrastructure security incidents to determine if incident qualifies as a legitimate security breach.
- Monitor and correlate security event log information to identify and detect anomalous activity.
- Document and conform to processes related to security monitoring, patching and incident response.
- Implement techniques using the most advanced technologies to hunt for the unknown threats in the environment
- Appropriately inform and advise management on incidents and incident prevention.
- Participate in knowledge sharing with other analysts and develop solutions efficiently.
- Upgrade security systems by monitoring security environment; identifying security gaps, evaluating and implementing enhancements.
- Enhance department and organization reputation by delivering quality results and exploring opportunities to increase value and raise awareness of Information Security Program.
REQUIREMENTS
- 4+ years of experience in Security Operations
- Experience with Security Information and Event Management (SIEM) including event analysis, alert generation, investigations, and reporting.
- Experience investigating security incidents using various security tools including EDR tools such as Carbon Black or CrowdStrike
- Experience with vulnerability analysis and reporting using vulnerability management software such as Rapid7, Nessus, or Qualys.
- Programming and scripting skills such as PowerShell, VBScript, Python, etc.
- Bachelor's degree or better in Cyber Security, Information Systems, or any other security-related subject is preferred
- CISSP, CISA, CEH, ECSA or other security-focused certification is preferred
