About the Role
The engineer will be responsible for identifying, analyzing, and mitigating security incidents through continuous monitoring and response procedures.
Responsibilities
- Monitor security alerts and investigate potential cyber threats
- Analyze network traffic and system logs for suspicious activity
- Respond to security incidents following established protocols
- Escalate complex threats to senior analysts when necessary
- Maintain up-to-date knowledge of emerging cybersecurity risks
- Support incident response efforts with detailed documentation
- Collaborate with IT teams to strengthen system defenses
- Deploy and manage security monitoring tools
- Conduct regular vulnerability assessments
- Assist in the development of security policies and procedures
- Perform forensic analysis on compromised systems
- Track and report on security metrics and KPIs
- Participate in on-call rotations for after-hours support
- Evaluate security alerts for false positives and relevance
- Coordinate with external partners during joint investigations
- Implement threat intelligence into detection systems
- Maintain SOC runbooks and standard operating procedures
- Support compliance audits with accurate recordkeeping
- Conduct user awareness training on security best practices
- Troubleshoot security tool integrations and configurations
- Assist in the deployment of endpoint protection solutions
- Review firewall and access control configurations
- Identify patterns in attack methodologies
- Contribute to post-incident review meetings
- Stay current with industry certifications and training
Nice to Have
- Master’s degree in cybersecurity or related discipline
- Five or more years in a security operations role
- Hands-on experience with EDR platforms like CrowdStrike or SentinelOne
- Knowledge of the MITRE ATT&CK framework
- Certifications such as GCIH or GCFA are advantageous
- Experience in financial or creative industries
- Familiarity with container and Kubernetes security
- Background in digital forensics investigations
- Prior work in 24/7 SOC environments
- Exposure to automated incident response workflows
Compensation
Competitive salary and benefits package offered based on experience and qualifications.
Work Arrangement
Full-time position with on-site and remote work options available.
Team
Collaborative security team operating within a dynamic technology environment.
About the Team
- The security team operates at the forefront of threat detection and response, utilizing cutting-edge technology to protect critical assets.
- Engineers work in close coordination with network, systems, and application teams to ensure comprehensive security coverage.
- The environment emphasizes continuous improvement, real-time analysis, and proactive defense strategies.
Technology Stack
- SIEM: Splunk Enterprise Security
- Endpoint Protection: CrowdStrike Falcon, Microsoft Defender
- Firewalls: Palo Alto, Cisco ASA
- Cloud Platforms: AWS, Azure
- Automation: Phantom, Python scripts
- Vulnerability Management: Tenable, Qualys
Visa sponsorship may be available for qualified candidates.