Sr. IT Security Ops Engineer (Hybrid)

Lakeshore Learning Materials, LLC
Carson, CA
Hybrid

About The Position

At Lakeshore, we create innovative learning materials and world-class guest experiences for teachers, parents and children. Since 1954, we’ve grown into a global community—with a thriving e-commerce business, multiple catalogs, over 50 stores, a peerless national sales force, plus international offices that support our preeminent supply chain division. But today we’re working better, smarter and faster than ever—and setting our sights even higher. We’re building an infrastructure designed for scalability, embracing data-driven decision-making and using technology to improve efficiency and ensure the best tools for the best work. Most importantly, we continue to invest in a diverse team of inquisitive top talent who fuel each other’s passions and curiosity, take risks, try new things and believe that every new day brings opportunities for growth.

We are seeking a Senior IT Security Ops Engineer to join our team. In this role, you will manage and oversee responses to security incidents, conduct investigations, analyze evidence and provide recommendations for remediation and improvement in the Lakeshore Learning Materials environment. The position also requires developing and maintaining Security Incident Response policies, procedures and best practices. Applicants should have at least seven years of experience in security incident response, forensics or threat intelligence. The ideal candidate also possesses certifications such as CISSP, GCIH, GCFA or CISM.

Requirements

  • Bachelor’s degree in computer science, cybersecurity or a related field, or equivalent work experience
  • At least 7 years of experience in security incident response, forensics or threat intelligence
  • Proficiency with Security Incident Response tools and platforms, such as SIEM, EDR, SOAR and IRM
  • Experience working with cloud-based environments such as AWS, Azure or GCP
  • Strong knowledge of security frameworks, standards and best practices, including NIST, ISO and MITRE
  • Ability to design security-relevant infrastructure as code (IaC)

Nice To Haves

  • Certifications such as CISSP, GCIH, GCFA or CISM
  • Hands-on experience assessing, implementing and managing third-party and cloud service provider security tools and services, such as Endpoint Protection Platforms (EPP), firewall and network security tools, intrusion detection and prevention systems (IDS/IPS), vulnerability management tools, web application firewalls (WAF), and identity and access management (IAM)
  • Familiarity with advanced Microsoft Office features for data analysis and presentation of findings
  • Demonstrated scripting capabilities with modern languages such as Python
  • Programming experience using languages such as Bash, PowerShell and Python
  • Ability to collaborate, influence and negotiate with professionals at all levels, including leadership
  • Strong interpersonal, verbal presentation and written communication skills
  • Experienced in using threat intelligence services in a production environment
  • Understanding of industry best practices and frameworks that support adoption, including NIST 800-53, PCI, CIS and CSA CCM

Responsibilities

  • Overseeing the response to security incidents from identification through resolution; preparing and delivering incident reports, briefings and lessons learned to internal and external audiences
  • Conducting forensic analysis, threat hunting and root-cause analysis related to security incidents
  • Training and mentoring other Information Security Analysts, providing feedback and guidance to help solve new or complex problems
  • Identifying areas to improve Information Security monitoring and detection capabilities; monitoring and analyzing emerging threats, vulnerabilities and exploits
  • Developing and implementing scalable preventative security measures, including detection, monitoring and exploitation prevention
  • Developing and delivering cybersecurity awareness training programs for employees, educating them on current threats and best practices
  • Configuring alerting and automation within endpoint protection, incident detection and vulnerability management tools
  • Helping plan, organize and conduct quarterly tabletop exercises to prepare the organization for security incidents

Benefits

  • Bonus eligible
  • Paid leave for new parents to support work/life balance and family bonding
  • Excellent medical/dental and vision coverage—EPO, PPO and HSA
  • 401(k) retirement plan with company contribution (because you will retire someday)
  • Flexible benefits—choose what you like, ignore the rest
  • On-site preschool for our employees’ children
  • On-site employee gym for all levels/fitness needs
  • Generous employee discount
  • Casual dress…and we really mean it