Security Operations Engineer

About The Position

Requirements

• Bachelor’s degree in technology or applicable experience.
• 5+ Years of experience within information security operations in multiple roles.
• 3+ years of experience with cloud infrastructure (AWS, GCP, Azure) and O365 services and technology
• 3+ years of experience with security incident response and operations
• 2+ years of experience defining, refining, and driving efficiency in operational processes.
• Extensive experience with, but not excluded to: TCP/IP, DNS, WAF, SEIM, and SOAR technologies.
• Experience working with and managing Active Directory / MS Entra ID
• Experience with SOAR (Security Orchestration, Automation, and response)
• Experience with KQL and SPL or other Query Languages
• Experience with powershell, python, and shell scripting
• Knowledge of information security standards, principles, and practices required.
• Knowledge of industry security standards, guidelines, and regulatory/compliance requirements related to information security such as ISO 27001, NIST 800-53, SOC2, PCI, SOX, etc.
• Knowledge of Windows Event and network device logging
• Knowledge of email transmission, routing, and authentication concepts including, SMTP, SPF, DKIM and DMARC
• Prioritization, decision making, critical thinking, communication, and relationship building skills
• Ability to work independently and in a team environment.

Nice To Haves

• Related certifications (e.g., GSEC, CISSP, GIAC, AWS) preferred.

Responsibilities

• Manages and is responsible for the successful completion of all tasks in assigned projects.
• Contribute to Security Operations and Engineering Team focused on maintaining the security integrity of HUBs’ mission critical suite of applications.
• Available 24/7 for any critical security incident response that may arise which requires immediate resolution.
• Work to ensure security tooling within HUB environments are operational and operating at needed levels of service and availability.
• Contribute to practice continuous improvement in response playbooks and security tooling.
• Contribute to operations KPIs to measure operational performance.
• Maintains current knowledge of relevant information security technology and techniques, bringing forth ideas for modernization and improvement.
• Ensure operational practices provide a sound foundation that utilizes tools and processes for rapid identification of security events to address and mitigate risks.
• Engage with peers regularly on security operations functions, project status, activities, and achievements.
• Contribute to “Continuous Improvement and Posture Management” efforts, in respect to HUB’s information security tooling and systems.
• Assist in Plan, organize, and execute multiple responsibilities to achieve project goals and provide technical leadership to move operational projects to completion.
• Contribute to security requirements, standards, procedures, and reference architectures to comply with policies and technical standards.
• Evaluation of vulnerability analysis, endpoint, and security tooling packages to ensure acceptable levels of efficacy are met.
• Contribute in root-cause analysis for security incidents and events, establish preventive measures, mitigations, or remediations.
• Contribute to weekly and monthly posture and response operations reporting.
• Assist in the configuration of new applications, infrastructure for needed telemetry for security operations.
• Contribute to the analysis and recommendation of upgrades, changes, implementation specific to the support and scaling of HUB’s security operations.
• Support the HUB Information Security Governance & Compliance team as needed during risk assessments, internal and external Information Security Audits, and Vendor reviews

Benefits

• HUB International is proud to offer comprehensive benefit and total compensation packages which could include health/dental/vision/life/disability insurance, FSA, HSA and 401(k) accounts, paid-time-off benefits such as vacation, sick, and personal days, and eligible bonuses, equity and commissions for some positions.