Sr. Cyber Security Operations Engineer SOC
Posted on Oct 13, 2021 by Request Technology - Craig Johnson
*We are unable to sponsor for this permanent Full time role*
*Position is bonus eligible*
Prestigious Enterprise Company is currently seeking a Sr. Cyber Security Operations Engineer. The candidate will support the Security Operations Center's vision of reducing information risk by ensuring and enhancing the confidentiality, integrity, and availability of information systems.
Responsibilities:
- Monitor security events from the SIEM, threat intelligence feeds, end-user notifications, etc. to determine security risk and the appropriate response.
- Review new threats to determine need for relevant security use cases and work closely with Threat Detection team to implement them.
- Review existing alerts to identify opportunities for tuning and work with the Content Development team to test and implement tuning requests.
- Follow established processes, procedures & SLAs to respond to and document analysis of security events.
- Participate in review of new SIEM use cases and develop runbooks that provide guidelines for analysing the specific threats related to new use cases.
- Evaluate use cases on a periodic basis to ensure they are still relevant, support monitoring of security risks, have the correct data sources and are providing value.
- Develop and improve processes and procedures related to the Cyber Security Operations Center.
- Collaborate with the Incident Response team on the response, triage and escalation of security events affecting the company's information assets and activities.
- Coordinate with the Forensics team on the analysis of malware samples to obtain IOCs and implement the necessary preventive measures.
- Provide guidance to build the controls necessary for automated and proactive detection and prevention.
Qualifications:
- Bachelor's degree in Information Security, Computer Science, Information Technology, a related field, or equivalent work experience
- 5+ years of information security or related risk management experience
- 2+ years of hands-on information security SOC/Incident Response experience analysing IOCs/alerts as identified by the CSOC and Threat Intel teams
- 2+ years of Splunk experience
- Demonstrated experience with SIEM use cases and runbook development
- Demonstrated experience in handling security events in mission critical environments
- Strong knowledge of enterprise detection technologies and processes (Advanced Threat Detection tools, IDS/IPS, Network Packet Analysis, Endpoint Protection)
- Advanced knowledge of network protocols, operating systems (Windows, Unix, Linux), and databases
- Relevant security knowledge and experience in two of the following areas: security operations, incident response, network/host intrusion detection, threat response