Associate Security Operations Engineer

About The Position

Requirements

• B.S. degree in Computer Science or equivalent experience.
• 1–2 years of experience in cybersecurity, IT operations, system administration, or network support.
• Demonstrated experience in security monitoring, log analysis, or incident response processes is preferred.
• Knowledge of security tools and platforms (e.g., SIEM, EDR, IAM, and network security controls), with familiarity using tools such as CrowdStrike and Okta is a plus.
• Knowledge of Cloud platforms and operations.
• Familiarity with the NIST Cyber Security Framework.
• Foundational understanding of cybersecurity principles, including threat detection, incident response, and vulnerability management.
• Familiarity with common attack vectors and threats such as phishing, malware, and credential compromise.
• Basic knowledge of IT infrastructure, including networking (TCP/IP, DNS), operating systems (Windows/Linux), and cloud environments.
• Understanding of logging, monitoring, and alerting concepts used in security operations.
• Analytical and problem-solving skills with the ability to investigate alerts and identify potential security concerns.
• Ability to triage and prioritize security events based on risk, severity, and business impact.
• Strong attention to detail when reviewing logs, alerts, and system activity.
• Ability to follow established processes, playbooks, and standard operating procedures.
• Effective written and verbal communication skills for documenting incidents, escalating issues, and collaborating with team members.
• Basic technical troubleshooting skills across systems, endpoints, and network components.
• Ability to think critically and distinguish between false positives and legitimate security threats.
• Ability to collaborate with cross-functional teams, including IT, security, and business stakeholders.
• Ability to recognize when to escalate issues and seek guidance appropriately.
• Willingness to continuously learn and adapt to new technologies, tools, and evolving cybersecurity threats.
• Working knowledge of system and network security engineering best practices, operating systems and application auditing.
• Strong written and verbal communication skills.
• Strong planning and task management skills.

Nice To Haves

• Microsoft and Security Certifications are highly desired.
• Experience working in cloud environments including AWS is a plus.
• Basic scripting or automation experience (e.g., Python, PowerShell) to automate routine functions is a plus.

Responsibilities

• Monitor and support enterprise security tools, including SIEM, EDR, identity platforms, and cloud security solutions, to detect potential threats and anomalous activity.
• Review, triage, and escalate security alerts in accordance with established procedures and playbooks.
• Assist in incident response activities, including investigation, containment, documentation, and post-incident analysis.
• Support cyber threat hunting efforts by analyzing logs, endpoint data, and system activity to identify indicators of compromise or suspicious behavior.
• Support proactive cyber threat hunting and detection engineering efforts to improve overall security posture.
• Assist with the collection and analysis of security event data from multiple sources (endpoints, network, identity, cloud platforms).
• Help maintain and tune detection rules, alerts, and monitoring configurations to improve visibility and reduce false positives.
• Document incidents, findings, and response actions in ticketing and case management systems.
• Collaborate with senior engineers and cross-functional teams to support remediation and recovery efforts.
• Support vulnerability management activities by tracking findings and assisting with remediation follow-up.
• Assist in maintaining and updating security operations playbooks, runbooks, and standard operating procedures.
• Participate in continuous monitoring and operational readiness activities.
• Stay current on emerging threats, attacker techniques, and security best practices.
• Monitor industry trends for changes in compliance challenges and contribute to organization planning, policy and procedure changes in response.
• Assist in the development and refinement of security detection use cases aligned to threat intelligence and organizational risk.
• Support audit, compliance, and regulatory activities (e.g., NIST CSF, SOC 2, CJIS) by gathering evidence, logs, and documentation.
• Help validate security controls through participation in internal assessments, tabletop exercises, and incident simulations.
• Contribute to continuous improvement of SOC processes, including alert triage workflows and escalation procedures.
• Assist in integrating and onboarding new security tools and log sources into monitoring platforms.
• Support metrics and reporting efforts, including tracking incident trends, response times, and tool effectiveness.
• Participate in knowledge sharing and team training activities to build security operations maturity.
• Maintain awareness of evolving threat landscape, including common attacker tactics, techniques, and procedures (TTPs).
• Protect the confidentiality, integrity, and availability of CSBS information and information systems in accordance with CSBS policies and procedures.

Benefits

• Work-life balance
• Strong, supportive relationships
• Opportunities for professional and personal growth
• Collaboration
• Teamwork