Job Description
Job Description Job Summary As a Senior Information Security Engineer in our Security Operations Center (SOC), you will play a pivotal role in safeguarding the organization's digital assets. You will leverage your expertise in areas such as network security, application security, and cloud security to implement robust security measures. Your leadership skills will be essential as you mentor junior team members and lead various security projects and strategic initiatives. You'll be expected to work proficiently with tools and technologies, including SIEM, SOAR, and IDS/IPS systems, to detect and respond to security threats effectively. Preferred candidates will have relevant certifications such as CISSP, CISM, or CEH and substantial experience in the field. This role demands strong communication skills for effective collaboration with cross-functional teams and to articulate complex security issues to non-technical stakeholders. You'll contribute to the continuous improvement of security practices, staying informed about emerging threats and technologies. Additionally, your responsibilities will include ensuring compliance with relevant regulations, participating in risk assessment, and shaping security policies to align with the organization's strategic vision. This position offers a unique opportunity to work closely with other senior engineers, enhancing your skills while significantly contributing to the organization's strong security posture.
Job Responsibilities: - Design and Implementation Leadership: Take an active role, and when necessary, lead the design, implementation, maintenance, and management of comprehensive information security projects and initiatives within the Security Operations team. Your efforts will ensure the confidentiality, integrity, and availability of the company's information assets.
- Incident Response Coordination: Spearhead or assist in the coordination and execution of incident response activities. This includes identifying, investigating, and documenting security incidents, adhering to established protocols, and collaborating with senior engineers to achieve effective resolution.
- Platform Management: Lead or contribute to the deployment, implementation, and maintenance of SIEM and SOAR platforms to enhance incident response capabilities and optimize security operations.
- Threat Monitoring and Analysis: Vigilantly monitor security events and manage ongoing incident response efforts to ensure prompt and efficient threat detection, analysis, and containment.
- Industry Engagement: Actively engage with industry forums, security communities, and regulatory bodies to stay abreast of emerging security threats and regulations. Represent the company's interests and contribute to industry-wide security initiatives.
- Cross-Department Collaboration: Work collaboratively with IT, network, and development teams to ensure the seamless integration of security practices across all technological areas of the organization.
- AI Integration and Application: Utilize pre-trained AI models, such as those from OpenAI, for security applications, including enhancing threat intelligence, automating threat detection and response, and performing data analytics. Ensure AI solutions are deployed ethically and align with cybersecurity strategies within secure environments.
- Internal Advocacy and Awareness: Engage actively in internal groups such as Technical Advisory Boards (T-CAB), Communities of Practice, and cohorts to promote security best practices and foster a culture of security awareness across the organization.
- Process Improvement and Innovation: Contribute innovative ideas to refine security processes and documentation, ensuring alignment with industry best practices to continually bolster the organization's security framework.
- Evaluation and Integration of New Technologies: Lead or participate in assessing and integrating new security solutions and technologies to enhance the organization's defense capabilities.
Job Qualifications: - Minimum 3-5 years of relevant experience in Information Security or Information Technology.
- Bachelor's degree in Information Security, Computer Science, Information Technology or a related field and/or commensurate experience.
- Strong understanding of information security principles and secure event log analysis
- Experience with SIEM (Security Information and Event Management) systems and tools.
- Experience in scripting and programming (e.g., Python, PowerShell) is a plus.
- Strong analytical skills and attention to detail.
Preferred Skills: - Expertise in incident response, security monitoring, and automation.
- Experience designing, implementing, and maintaining security monitoring solutions (QRadar, Sentinel, Elastic, Graylog)
- Experience designing, implementing, and maintaining security Automation solutions (Swimlane, Phantom, Tines, Torq)
- Deep understanding of security logs, monitoring, and rule writing.
- Strong analytical, problem-solving, and management skills.
- Knowledge of security best practices and security solutions.
- Knowledge of network security best practices.
- Experience in a cloud-based environment (Azure and AWS).
- Scripting and programming knowledge (PowerShell, Python, Golang, JavaScript)
Behavioral Competencies: - Cultivates Innovation
- Collaborates and Communicates Effectively
- Strategic Mindset
- Decision Quality
- Result Driven
- Plans and Aligns
- Manages Conflict and Complexity
- Mentors and Develops Others
Technical Skills: - Incident Response
- Security Monitoring
- Threat Intelligence
- Identity Management
- Encryption Techniques
- Knowledge of data protection controls
- Excellent organizational skills
- Knowledge of common web technologies, enterprise, and network architecture
- Knowledge of or demonstrated experience with defense in depth, trust levels, privileges, and permissions.
Certifications: Pursuing industry recognized security certifications, such as
- ISC(2)
- CISSP, CCSP, CSSLP, ISSEP, ISSAP, ISSMP
- GIAC (Global Information Assurance Certifications)
- GCIH, GMON, GSOC, GDSA, GCDA, GISF, GSLC
- ISACA
- CISM, CRISC, CDPSE, CET, CSX-P
This job description describes the general nature and level of work performed in this role. It is not intended to be an exhaustive list of all duties, skills, responsibilities, knowledge, etc. These may be subject to change and additional functions may be assigned as needed by management.
Job Tags