Senior Information Security Engineer

Job DescriptionJob Description

Role Overview:
We are seeking a seasoned cybersecurity operations professional to join our 24/7/365 Security Operations Center (SOC). This role involves managing and responding to a wide range of operational security tickets—such as firewall changes, access escalations, phishing reports, certificate requests, vulnerability coordination, and more. You'll also be responsible for triaging and conducting initial investigations on alerts, and collaborating closely with Tier 2 SOC and Incident Response teams to escalate, document, and analyze security events.

Key Responsibilities:

• Respond to and manage incoming security tickets, including firewall requests, phishing reports, access escalations, certificate issues, and control validation.

• Monitor and triage security alerts within the SOC, initiating investigations and escalating incidents as needed.

• Collaborate with Tier 2 SOC and Incident Response teams for escalated events, contributing to incident documentation and post-incident reviews.

• Participate in an on-call rotation, covering overnight and weekend shifts as part of a 24/7/365 SOC environment.

• Maintain and improve documentation, SOPs, and operational workflows to ensure consistent execution of security operations.

• Manage the Information Security service desk, ensuring timely triage and resolution of inbound security issues.

• Escalate complex incidents to appropriate subject matter experts and follow through to resolution.

• Support the planning and execution of tabletop exercises to strengthen incident response readiness.

• Assist in the execution of recurring security programs such as access reviews, control assessments, and compliance-related tasks.

• Identify and implement opportunities to enhance ticket handling, process efficiency, and knowledge base resources.

• Collaborate with internal stakeholders to streamline operational processes and promote automation.

• Help gather evidence and respond to audit or control-related requests in coordination with cross-functional teams.

• Contribute to the development and reporting of key operational metrics to support prioritization and performance monitoring.

Required Qualifications:

• Minimum of 5 years of experience in cybersecurity operations, SOC, or a related security function.

• Strong knowledge of SIEM platforms, endpoint protection solutions, and ticketing/workflow systems.

• Hands-on experience with security incident response, including investigation and mitigation of threats such as malware, phishing, and network intrusions.

• Familiarity with cloud security principles and environments (e.g., AWS, Azure).

• Proficiency in basic scripting or automation (e.g., Python, PowerShell, or workflow automation tools).

• Excellent analytical and problem-solving skills, with the ability to work collaboratively across Security, IT, and Compliance teams.

• A growth mindset and eagerness to learn and contribute to a high-performing security organization.
  
  #itacceljobs