Secops Engineer

We are seeking a highly motivated and skilled SecOps Engineer to join our growing support team. The ideal candidate will have a strong understanding of security best practices, a passion for automation, and a proactive approach to identifying and mitigating threats. This role will be instrumental in ensuring the confidentiality, integrity, and availability of our client’s critical systems and data.

The SecOps Engineer is a cybersecurity specialist who focuses on assessing, and mitigating threats and vulnerabilities within an organization's IT infrastructure.

Primary Responsibilities

• Threat Intelligence: Monitor threat intelligence feeds and industry news to stay informed about emerging threats and vulnerabilities.
• Analyse threat intelligence data and reports and identify potential risks to Conosco and our client.
• Vulnerability Management: Prepare, plan and action vulnerability remediation from system vulnerability reports.
• Vulnerability Tracking: Maintain an accurate inventory of known vulnerabilities and track their remediation progress.
• Management, deployment and remediation of Endpoint Security solutions and tooling.
• Monitoring, deployment and remediation of Data protection (Backup and Disaster Management).
• Triage and patching of Security Operations Centre (SOC) findings and alerts,
• Root Cause Analysis: Conduct root cause analysis of security incidents to identify the underlying causes and prevent future occurrences.
• Automation Development: Develop and implement security automation scripts and playbooks to streamline security tasks.
• Strong understanding of monitoring/remote management tools.

Experience and Qualifications:

Experience in the following is required:

• 3-5+ years of experience: In a cybersecurity or systems administration role.
• Hands-on experience: With security tools and technologies (IDS/IPS, firewalls, vulnerability scanners, etc.).
• Cloud environments: AWS, Azure, GCP
• Security automation
• Incident response: Handling and investigation
• Vulnerability management: Assessment, remediation, and tracking

Certifications

• CompTIA Security+: Foundational cybersecurity knowledge.
• SSCP (Systems Security Certified Practitioner): Focuses on technical aspects of information security.
• Cloud Security Certifications: AWS Certified Security Specialty, Azure Security Engineer Associate, Google Cloud Certified Professional Cloud Security Engineer
• Microsoft Security certification: AZ-500, SC-200, SC-300, SC-100 (Desirable)

Experience in the following is desirable

• Microsoft Azure Sentinel
• Scripting (KQL, PowerShell, Python, regex)
• Other security tools a bonus
• Control frameworks (ISO, PCI DSS, CIS, and/or NIST)
• 3+ years in a cybersecurity environment
• End Point Protection, Cloud Security, Managed Anti-Virus Services, CASB.
• Threat and security research and investigation
• Ability to provide information and audits and reporting for supported technologies.
• Present on risk findings and vulnerabilities in a client environment
• Conduct and develop security controls and put in measures to mitigate and prevent threats, vulnerabilities to prevent attacks on client environments
• Ability to create root cause analysis and reporting on events
• Qualys Vulnerability Management, Detection and Response
• N-able Remote Monitoring and Management

Soft Skills

• Ability to communicate with all levels of a client’s employees.
• Ability to present to C-level executives in a clear, concise and definitive way.
• Comfortable interacting with a remote team.
• Passion for all things CyberSec.
• Desire to protect clients and deliver value.
• Organised and detail orientated.