Senior Security Operations Engineer

About The Position

Requirements

• Demonstrated hands-on experience implementing and operating enterprise cybersecurity tools in production environments.
• Strong operational experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel, QRadar, ArcSight)
• Strong operational experience with EDR platforms (e.g., CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne)
• Strong operational experience with IDS/IPS technologies (e.g., Snort, Suricata, Palo Alto, Cisco Firepower)
• Strong operational experience with vulnerability management tools (e.g., Tenable Nessus, Qualys, Rapid7)
• Strong operational experience with log management and monitoring solutions
• Strong operational experience with SOAR and security automation platforms
• Strong operational experience with cloud security platforms and native cloud security tooling

Responsibilities

• Architect, deploy, configure, administer, and maintain enterprise security operations tools and technologies in production environments.
• Manage and optimize Security Information and Event Management (SIEM) platforms including log ingestion, correlation rules, alert tuning, dashboard development, use-case creation, and operational monitoring.
• Deploy, administer, and maintain Endpoint Detection and Response (EDR) solutions to support endpoint visibility, threat detection, containment, and remediation activities.
• Configure and manage Intrusion Detection and Prevention Systems (IDS/IPS), network security monitoring tools, and threat detection technologies to identify and respond to malicious activity.
• Administer vulnerability management platforms, conduct authenticated and unauthenticated vulnerability scans, validate remediation activities, and support enterprise vulnerability reduction initiatives.
• Manage enterprise log management and security monitoring platforms, ensuring collection, normalization, retention, and analysis of security-relevant telemetry across servers, endpoints, applications, cloud platforms, and network devices.
• Implement and support cloud security technologies across AWS, Azure, and/or Google Cloud environments, including cloud-native monitoring, workload protection, identity security, and compliance monitoring capabilities.
• Perform hands-on system integration, tool deployment, platform upgrades, patching, troubleshooting, and operational maintenance activities for security technologies.
• Develop detection engineering content including SIEM correlation rules, EDR detections, IOC-based alerts, behavioral analytics, and automated response workflows.
• Support cyber operations activities including continuous monitoring, threat hunting, incident detection, containment, eradication, and recovery efforts.
• Collaborate with infrastructure, network, cloud, and application teams to integrate security controls and improve enterprise security posture.
• Create technical documentation, standard operating procedures, architecture diagrams, implementation guides, and operational runbooks.