Matson Navigation - posted 10 months ago
$135,800 - $196,820/Yr
Senior
Oakland, CA
Water Transportation

Matson has been the leading ocean shipping and logistics provider throughout the Pacific since 1882. We are the supply chain lifeline for Hawaii, Alaska, Guam, and islands of the South Pacific. We also offer the top two ocean shipping services in the world's largest trade lane - Asia to the U.S. West Coast. With our subsidiaries Matson Terminals and Matson Logistics, our business focus is exceeding customer expectations with quality, reliability, and integrity. We strive to operate in an environmentally sustainable manner and promote land-based environmental programs in Hawaii, Guam, and Alaska. We help improve the communities in which we work and live through our community giving program that annually supports hundreds of local organizations. And we work to improve diversity, equity and inclusion in our company, communities and industry through an active social equity program. Matson is a great place to work, and everyone who works with us becomes part of the Matson ohana or family. Join our team and help us move freight better than anyone.

  • Manage day-to-day security operational tasks such as security event monitoring, log monitoring and security incident management, compliance monitoring, data loss prevention, and monitoring and responding to emerging threats varying from endpoint to server to public cloud.
  • Lead all security-related events and incidents that come into the team's various queues (including triage, containment, and remediation when necessary).
  • Follow standard operating procedures (SOPs) to ensure security events are triaged appropriately and in a timely manner, according to SLAs.
  • Understand the various stages of the incident response lifecycle and the analytical mindset when it comes to triage and investigations.
  • Act as primary support contact for security incidents and provide direction to infrastructure and applications teams to initiate incident response.
  • Perform root cause analysis to continuously improve prevention, detection, reaction, and remediation capabilities.
  • Ensure systems, networks, and applications are monitored for security breaches, intrusions, and unusual activity.
  • Investigate and respond to security events and incidents, including performing root cause analysis, identifying vulnerabilities, and implementing remediation measures.
  • Respond to phishing attacks by tracking down and recalling malicious e-mails; contact users who may be impacted.
  • Participate in off-hours on-call rotation, as required and necessary.
  • Liaise with internal and external parties, including Managed Security Services Provider, computer forensics specialists, and additional incident responders, to address security concerns.
  • Assist in managing the organization's logging environment providing fundamental knowledge of license managers, indexers, and search heads.
  • Develop SOAR playbooks to minimize security incident response time and develop advanced techniques to identify and mitigate vulnerabilities.
  • Understand security incident response plans and procedures, ensuring their effectiveness through regular testing and exercises.
  • Collaborate with cross-functional teams to ensure security controls, infrastructure, and tools are implemented and maintained throughout the organization.
  • Conduct research on emerging security threats and trends and recommend appropriate security measures and countermeasures.
  • Assist in developing security policies, controls, and procedures to support the full life cycle protection of critical assets, networks, cloud environments, and sensitive information.
  • Perform periodic testing for compliance with documented security policies, procedures, and standards.
  • Support metrics reporting on security operations functions.
  • Strong information security operations analytical skills, such as those commonly handled by a Security Operations Center (SOC), including SOC Tier 2 and 3 level skills.
  • Strong knowledge of network security protocols, tools, and technologies (BGP, TCP/IP layers, DNS, SMTP, SSL, etc.).
  • Strong understanding of network and system architecture, including cloud-based environments (AWS).
  • Experience and knowledge of network firewalls, network monitoring tools and other IDS/IPS.
  • Experience with security incident response and handling techniques.
  • Proficiency in using SIEM tools for log analysis and correlation.
  • Familiarity with vulnerability management tools and processes.
  • Technical knowledge in system and network security, authentication and security protocols, and application security.
  • Strong understanding of web technologies - protocols, programming techniques, browsers, etc.
  • Familiarity with common tools such as Splunk, Microsoft Defender, Proofpoint, Office 365, PowerShell, and various network tools.
  • Experience in distributed systems and cloud-based architecture including Amazon AWS, Microsoft Azure, and the native security tools available in these environments.
  • Familiarity with Unix/Linux, Windows, SQL, macOS, shell scripting, and various other technologies.
  • Strong security research and root cause analysis skills to identify and analyze potential security vulnerabilities.
  • Superior professional written and verbal communication that includes the capability to translate highly technical material to communicate with executives.
  • Ability to work effectively both independently and in a team environment.
  • Strong understanding of web vulnerabilities and weaknesses (cross-site scripting, cross-site request forgery, etc.).
  • Strong problem solving, conflict resolution and negotiation skills.
  • Highly collaborative with the ability to influence and work with many internal stakeholders.
  • Relevant security certifications such as CISSP, CEH, or GIAC certifications are preferred.
  • Customer service experience/strong customer focus to analyze customer-reported security issues.
  • Bachelor's degree in Computer Science, Information Security, or a related field is a plus.
  • Certifications are a plus - GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Forensic Analyst (GCFA), etc.
  • The annual salary range posted for this position in California is $135,800 - $196,820. The salary offered will depend upon qualifications and other operational considerations.