Security Operations Engineer

Position Summary:

The Cybersecurity Operations Engineer will be responsible for monitoring, analyzing, and remediating vulnerabilities across the organization’s systems and networks. This role will support the implementation and operation of security tools and work closely with IT teams to ensure timely remediation of vulnerabilities and exposures. The ideal candidate will have hands-on experience with security tools, vulnerability management processes, and the ability to communicate effectively with both technical and non-technical stakeholders. The Cybersecurity Operations Engineer will also be involved in managing the cybersecurity awareness training program, running reports from the MSSP platform, responding to risk assessment questionnaires, and assisting in SOC2 compliance tasks.

Essential Duties and Responsibilities:

Vulnerability Management:

• Perform regular vulnerability scans using established security tools.
• Analyze scan results to identify security weaknesses, misconfigurations, and potential threats.
• Collaborate with IT and application teams to prioritize and remediate identified vulnerabilities, ensuring they are addressed in a timely manner.
• Maintain records of remediation activities and provide updates to management and the cybersecurity team.

Security Monitoring & Reporting:

• Monitor security alerts and events from SIEM, EDR, and other security platforms to detect unusual activities or potential threats.
• Conduct further analysis on identified security incidents and escalate issues to the Cybersecurity Operations Manager or other senior staff as needed.
• Generate regular reports on the status of vulnerabilities, remediation efforts, and security incidents for management review.
• Run reports from the MSSP platform (Alert Logic) and escalate findings as necessary.

Risk Assessment & SOC2 Compliance:

• Assist in responding to risk assessment questionnaires from clients, ensuring accuracy and timeliness.
• Conduct monthly tasks related to SOC2 controls, documenting progress and maintaining records for audit purposes.
• Collaborate with other security team members to ensure compliance with internal policies and external requirements.

Cybersecurity Awareness Program:

• Support the management and maintenance of the cybersecurity awareness training program.
• Track completion rates and performance metrics for employee security training.
• Regularly update and enhance training materials to ensure they address emerging threats.

Remediation & Mitigation:

• Work closely with infrastructure and application teams to implement configuration changes, patches, or other remediation activities to resolve identified vulnerabilities.
• Test and verify the effectiveness of applied patches and configurations.
• Develop and maintain standard operating procedures for vulnerability remediation.

Security Tools Administration:

• Support the deployment, configuration, and maintenance of security tools, including SIEM, EDR, vulnerability management platforms, and other relevant systems.
• Assist in the tuning and optimization of security tools to enhance detection capabilities and reduce false positives.

Documentation & Reporting:

• Document security processes, configurations, and remediation activities.
• Contribute to the development and continuous improvement of security policies, standards, and procedures.

Collaboration:

• Partner with other members of the cybersecurity team to support ongoing projects and security initiatives.
• Provide technical guidance and support to junior staff as needed.
• Engage with IT teams, development teams, and third-party vendors to address security issues and improve overall security posture.

Required:

• Bachelor’s degree in Cybersecurity, Information Technology, or a related field, or equivalent experience.
• Strong understanding of vulnerability management, remediation processes, and security best practices.
• Experience with security tools, including SIEM, EDR, and vulnerability management platforms.
• Ability to analyze security alerts and vulnerabilities, develop effective remediation plans, and track progress.
• Strong problem-solving and analytical skills.
• Excellent communication skills, both written and verbal.

Preferred:

• Relevant security certifications, such as CompTIA Security+, CISSP, or CEH.
• Experience with patch management and configuration management.
• Familiarity with security frameworks and standards, such as NIST, ISO 27001, or CIS Controls.
• Scripting experience (e.g., PowerShell, Python) for automating security processes.