Cybersecurity Operations Engineer
About The Position
The corporate office of Express Employment International is hiring a Cybersecurity Operations Engineer responsible for supporting and enhancing the organization’s cybersecurity operations capabilities through proactive monitoring, incident response, threat detection, vulnerability management, and security platform administration. This role works closely with infrastructure, cloud, development, and business teams to identify, analyze, and mitigate cyber risks while continuously improving the organization’s overall security posture. The engineer will support day-to-day security operations activities and contribute to strategic cybersecurity initiatives across enterprise environments. This position sits within our Oklahoma City based corporate office, currently with an expectation to be onsite 80% of the time.
Requirements
- Bachelor’s degree in computer science, Information Security, Engineering, or a related field
- Equivalent professional experience may be considered in lieu of a degree
- 3 –5 years of experience in cybersecurity operations, security engineering, or incident response
- Experience working with SIEM, EDR, vulnerability management, and security monitoring platforms
- Experience supporting enterprise security operations in hybrid or cloud environments preferred
- Experience with Microsoft security technologies preferred
Nice To Haves
- Security+, CySA+, GSEC, SSCP, CISSP, or similar cybersecurity certifications
- Microsoft, AWS, Azure, or cloud security certifications preferred
Responsibilities
- Monitor security alerts and events across SIEM, EDR, email security, cloud, and network security platforms
- Investigate and respond to cybersecurity incidents, suspicious activity, and policy violations
- Perform triage, containment, eradication, and recovery activities during security incidents
- Document incidents, findings, and remediation actions according to established procedures
- Participate in after-hours incident response activities as needed
- Analyze logs and telemetry from multiple security tools and systems to identify indicators of compromise and malicious activity
- Develop and tune detection rules, alerts, and correlation logic within SIEM and security monitoring platforms
- Conduct proactive threat hunting activities to identify emerging threats and vulnerabilities
- Support implementation and optimization of cybersecurity monitoring capabilities
- Support vulnerability scanning and remediation processes across servers, endpoints, applications, and cloud environments
- Validate vulnerabilities, prioritize remediation efforts, and track mitigation progress
- Collaborate with infrastructure and application teams to remediate security findings
- Assist with patch management coordination and verification activities
- Configure, maintain, and support cybersecurity tools including SIEM, EDR, email security, identity security, and vulnerability management platforms
- Ensure security tools are operating effectively and integrated properly across the enterprise
- Support onboarding of log sources, systems, and cloud services into monitoring platforms
- Support compliance initiatives, audits, and evidence collection activities
- Maintain security operations documentation, procedures, playbooks, and runbooks
- Assist with security assessments, policy enforcement, and risk management activities
- Contribute to continuous improvement of cybersecurity operational processes
- Partner with IT, infrastructure, cloud, and engineering teams to strengthen enterprise security controls
- Provide guidance and support for secure operational practices
- Participate in cybersecurity awareness and operational readiness initiatives
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
