Job Description
Summary:
The SecOps Engineer plays a crucial role in ensuring the security of an organization’s IT infrastructure. This role is focused on monitoring, analyzing, and responding to security threats and incidents, while supporting the development and implementation of security policies and best practices. The SecOps Engineer will work closely with IT and other departments to ensure security measures are in place, assist in vulnerability management, and help investigate security breaches. This position requires a proactive and analytical mindset to stay ahead of emerging cybersecurity threats and technologies.
Key Responsibilities:
- Security Monitoring & Incident Response: Monitor and analyze security alerts, incidents, and events to identify potential threats or vulnerabilities in real time. Respond promptly to security incidents, providing timely and accurate escalation and resolution.
- Vulnerability Assessment & Management: Conduct regular vulnerability assessments, identify risks, and assist with the implementation of vulnerability management processes to mitigate potential security threats.
- Security Tool Management: Support the maintenance and management of security tools and technologies such as firewalls, Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), and Mobile Device Management (MDM) systems.
- Security Policies & Protocols: Assist in the development, implementation, and enforcement of security policies, procedures, and protocols to ensure compliance with organizational and regulatory requirements.
- Collaboration & Best Practices: Collaborate with IT and cross-functional teams to ensure security best practices are followed and security controls are implemented effectively across the organization.
- Investigation & Forensics: Assist in investigating security breaches and incidents, performing root cause analysis, and supporting incident response and forensics efforts to determine impact and prevent future occurrences.
- Emerging Cybersecurity Trends: Stay up to date with the latest cybersecurity threats, technologies, and best practices. Evaluate new tools and techniques to enhance security posture.
- Disaster Recovery & Incident Reporting: Contribute to the preparation and maintenance of disaster recovery plans, ensuring the ability to quickly recover from cybersecurity events. Document and report on incidents, emerging threats, and security posture.