Security Operations Engineer
Posted on May 26, 2022 by Request Technology - Craig Johnson
*We are unable to sponsor for this permanent Full time role*
*Position is bonus eligible*
Prestigious Global Firm is currently seeking a Security Operations Engineer. Candidate will provide daily incident response in addition to providing 24x7 support and operational availability of the security infrastructure. Responsibilities include the monitoring and investigation of security alerts, implementation of new security technologies, day-to-day operations, and change management of all deployed security technologies.
- Analyze potential infrastructure security incidents to determine if incident qualifies as a legitimate security breach.
- Monitor and correlate security event log information to identify and detect anomalous activity.
- Document and conform to processes related to security monitoring, patching and incident response.
- Implement techniques using the most advanced technologies to hunt for unknown threats in the environment.
- Appropriately inform and advise management on incidents and incident prevention.
- Participate in knowledge sharing with other analysts and develop solutions efficiently.
- Upgrade security systems by monitoring the security environment, identifying security gaps, and evaluating and implementing enhancements.
- Enhance department and organization reputation by delivering quality results and exploring opportunities to increase value and raise awareness of the Information Security Program.
- Partner closely with IT or business teams across the Firm to implement secure solutions that reduce business risk by ensuring confidentiality, integrity, and availability.
- Bachelor's degree required, preferably in cybersecurity or another IT-related field.
- At least four (4) years in an IT-related field or at least two (2) years working in cybersecurity required. Experience in an MSSP or SOC preferred.
- Programming and scripting skills such as PowerShell, Python, etc. preferred.
- Microsoft Outlook, Word, & Excel required.
- Experience investigating security incidents using various security tools including EDR tools such as Carbon Black, CrowdStrike, or Cylance required.
- Experience with Security Information and Event Management (SIEM) such as Splunk, LogRhythm, or QRadar including event analysis, alert generation, investigations, and reporting preferred.
- Experience using file sandbox technology to detonate and analyze potentially malicious documents and executables preferred.
- Experience with other security-related technologies including Intrusion Prevention/Detection Systems, Firewalls, Content Filtering Technology, and Vulnerability Scanning/Management Solutions preferred.
- CompTIA Security+, Network+, or Cybersecurity Analyst (CySA+)
- GIAC Information Security Fundamentals or Security Essentials Certification
- Certified Information Systems Security Professional (CISSP)