Security Operations Engineer

The Opportunity

We are seeking a highly motivated and experienced Security Operations Engineer to join our dynamic Security Operations team. You will be a critical member of our front line, responsible for monitoring, analyzing, and responding to security incidents. This role will involve a blend of technical tasks, threat hunting activities guided by our AI platform, and a commitment to continuously improving our security posture. You'll work directly with our AI-powered tools and contribute to their refinement, ensuring they remain at the forefront of threat detection.

What You'll Do:

• Incident Response: Lead and participate in security incident response activities, from initial detection to remediation and post-incident analysis.
• Security Monitoring & Analysis: Monitor security alerts and logs from various sources (SIEM, IDS/IPS, endpoint detection and response (EDR), cloud security tools, network traffic analysis) and perform in-depth analysis to identify and validate threats.
• Threat Hunting: Proactively hunt for threats leveraging our AI-powered threat intelligence platform and engaging in behavioral analysis. Develop and refine threat hunting methodologies.
• Security Tooling: Configure, maintain, and optimize security tools and technologies (SIEM, EDR, IDS/IPS, firewalls, vulnerability scanners).
• Automation: Automate repetitive tasks and security processes using scripting and orchestration tools (e.g., Python, Ansible, SOAR platforms).
• Vulnerability Management: Participate in vulnerability scanning, assessment, and remediation efforts.
• Collaboration & Communication: Work closely with other security team members, IT operations, and development teams to address security concerns and implement security best practices. Clearly communicate technical findings to both technical and non-technical audiences.
• Continuous Improvement: Contribute to the development and improvement of security processes, procedures, and documentation. Stay abreast of emerging threats and technologies.
• AI Integration: Provide feedback and collaborate with the data science team to improve the accuracy and effectiveness of our AI-powered security solutions.

Business Qualifications

• Experience: 3+ years of experience in a Security Operations, Incident Response, or related role.
• Technical Skills:
  • Strong understanding of networking protocols (TCP/IP, DNS, HTTP/HTTPS).
  • Experience with SIEM solutions (e.g., Splunk, Elastic Stack, QRadar).
  • Proficiency with endpoint detection and response (EDR) tools (e.g., CrowdStrike, SentinelOne, Carbon Black).
  • Familiarity with cloud security principles and practices (AWS, Azure, GCP).
  • Scripting experience (e.g., Python, Bash).
  • Experience with vulnerability scanners (e.g., Nessus, Qualys).
• Security Knowledge: Solid understanding of common attack vectors, malware, and security vulnerabilities.
• Analytical Skills: Ability to analyze security events, identify patterns, and draw conclusions.
• Communication Skills: Excellent written and verbal communication skills.
• Problem-Solving: Strong problem-solving skills and a proactive attitude.

Preferred Qualifications

• Security certifications (e.g., CISSP, Security+, CEH, GCIH).
• Experience with SOAR platforms (e.g., Demisto, ServiceNow).
• Experience with threat intelligence platforms.
• Familiarity with AI/ML concepts as applied to cybersecurity.
• Contributions to the security community (e.g., blog posts, open-source projects).

Why Join Us?