We are looking for a SecOps Engineer.
The SecOps Engineer plays a critical role in the detection, analysis, and response to cybersecurity threats. This position is responsible for monitoring security systems, managing incidents, improving security tooling, and ensuring that the company's infrastructure and data remain protected from malicious actors.
The Role:
Threat Monitoring and Response
Monitor SIEM and EDR platforms for security events and anomalies.
Perform initial analysis and triage of security alerts to determine severity and impact.
Respond to incidents according to playbooks and escalate as necessary.
Security Tooling and Automation
Maintain and tune detection rules across security tools (SIEM, IDS/IPS, EDR).
Develop and improve scripts and automation to streamline incident response and reporting.
Assist with integration of security tooling with other systems (e.g., ticketing, monitoring).
Incident Management
Investigate security incidents to identify root cause, containment strategies, and remediation plans.
Work with cross-functional teams (IT, DevOps, Engineering) to resolve vulnerabilities or misconfigurations.
Vulnerability Management
Support regular scanning and analysis of vulnerabilities across endpoints, servers, and cloud environments.
Coordinate remediation efforts with infrastructure and application teams.
Documentation and Reporting
Maintain clear and concise documentation of incidents, findings, and improvements.
Generate periodic security metrics and incident reports.
Vendors and Tools
Help research new security tools and techniques to improve the company's overall security maturity.
Assist with reviewing new and existing vendors.
Go-To Market
Assist with responding to customer inquiries regarding company security posture / practices.
Requirements: Bachelor's degree / Practical Engineer in Computer Science, Cybersecurity, Information Systems, or equivalent experience.
2-5 years of experience in security operations or a similar role.
Ability to develop and execute a plan.
Experience with cloud environments (AWS, Azure, GCP) and associated security tools.
Proficiency with SIEM platforms (e.g., Splunk, Sentinel, QRadar).
Experience with EDR platforms (e.g., CrowdStrike, SentinelOne).
Strong knowledge of TCP/IP, network security architecture, and system-level security principles.
Familiarity with scripting languages (Python, PowerShell, Bash) and automation tools.
Security certifications (e.g., CCSP, CISSP, GSEC, GCIA, GCIH, CEH, or equivalent).
Cloud certification from one or more of the major cloud vendors.
Knowledge of MITRE ATT&CK framework.
Familiarity with SOC 2, ISO 27001, NIST, and GDPR.
This position is open to all candidates.