Security Operations Engineer

Position: Security Operation Engineer

Summary

The Security Engineer will collaborate with teams to design fine-grained technical controls around access to sensitive datasets and ensure their compliance with regulatory requirements, while providing strong technical support to enable confident and efficient technical decision-making.

This role typically follows a standard business week, but occasional weekend or out-of-hours work may be required.

Responsibilities (Other duties may be assigned):

1. Carry out host-based vulnerability assessments.
2. Drive the remediation of identified vulnerabilities across multiple departments.
3. Monitor and respond to security alerts.
4. Support incident response efforts in case of security breaches.
5. Support and enhance existing security services for cloud environments.
6. Collaborate across teams to remove blockers and facilitate implementation.
7. Work with internal and external support teams.

Education and Experience

• College degree or equivalent work experience.
• 7-10 years in Information Technology with a comprehensive security operational background.
• Experience with security frameworks such as NIST, MITRE, CIS, ISO, and SOC2.
• Hands-on experience configuring cloud technologies.

Knowledge, Skills, and Abilities

• Extensive knowledge of cloud operations and automation.
• Deep understanding of security practices related to access control, application security, network security, and security strategy.
• Knowledge of regulatory data requirements in cloud environments, aligned with standards like HIPAA and GDPR.
• Basic understanding of containerization technology.
• Strong knowledge of privileged access management, vulnerability management, and threat intelligence.
• Ability to build effective relationships with technical and business stakeholders.
• Strong root cause analysis, problem-solving, and analytical skills.
• Excellent communication skills for incident and stakeholder management.
• Ability to document operational processes and procedures effectively.
• Adaptability to fast-paced environments and project prioritization skills.

Technical Skills

• Basic understanding of DevOps tools such as GitHub, Jenkins, Nexus, Ansible, etc.
• Basic understanding of SecOps tools like Rapid7, Cloud Conformity, SUMO Logic, etc.
• Proficiency with Amazon Web Services (AWS), including the shared responsibility model, KMS, CloudTrail, CloudWatch, CloudFormation, Lambda, and GuardDuty.
• Extensive knowledge of SIEM and SOAR tools.
• Proficiency in Linux, Node.js, YAML, and JSON.

Language Skills

• Proficient in spoken and written English.