https://bayt.page.link/A7pvkUG6XuTQrKeRA
Create a job alert for similar positions

Job Description

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!


Job Summary:As a Security Operations Engineer, you will be an integral part of Qualys SOC (Security Operation Center) and CSIRT (Cyber Security Incident Response Team)contributing to the day-to-day activities aimed at monitoring, analyzing, and responding to security incidents. This role requires a solid understanding of security technologies, incident response, and a proactive approach to identifying and mitigating potential threats.


Responsibilities:


Security Monitoring and Analysis:


  • Monitor security alerts using SIEM tools, analyzing logs, network traffic, and system events to identify potential security incidents.
  • Investigate and respond to alerts, ensuring a timely and effective resolution.

Incident Response:


  • Participate in incident response activities, assisting in the identification, containment, eradication, and recovery from security incidents.
  • Document incident response activities and contribute to post-incident reports.

Threat Intelligence Support:


  • Assist in the integration of threat intelligence into security operations processes to enhance detection capabilities.
  • Stay informed about the latest cybersecurity threats and vulnerabilities.

Security Infrastructure Support:


  • Support the management and optimization of security infrastructure, including intrusion detection/prevention systems, firewalls, and endpoint protection solutions.
  • Participate in the configuration and fine-tuning of security technologies.

Automation and Orchestration:


  • Contribute to the development and implementation of automation scripts and workflows to streamline repetitive security tasks.
  • Collaborate with other teams to integrate security processes into broader IT automation frameworks.

Continuous Improvement:


  • Identify areas for improvement in security operations processes and technologies.
  • Participate in the implementation of enhancements and optimization of existing security measures.

Collaboration and Communication:


  • Collaborate with other security teams, IT teams, and external partners to address security incidents and improve overall security posture.
  • Communicate effectively with stakeholders, providing updates on incidents and security operations activities.

Training and Knowledge Sharing:


  • Participate in training sessions to enhance skills and knowledge related to security operations.
  • Contribute to knowledge-sharing initiatives within the security operations team.

Key Skills:


  • Familiarity with security tools, including SIEM solutions, intrusion detection/prevention systems, and endpoint protection.
  • Basic understanding and experience in incident response activities.
  • Must be familiar will various log sources and investigation approach depending on various kind of incidents. Should understand the correlation between log sources as needed for investigation.
  • Analyze network and host activities associated with both successful and unsuccessful intrusions by threat actors basis perimeter security logs.
  • Experience in correlating malware infections with attack vectors to determine the extent of security and data compromise.
  • Should have worked in third party security monitoring tool to research, document and respond on the security incidents.
  • Monitor SIEM and other security tools alerts for anomalous or suspicious activity; research alerts and make recommendations to remediate concerns.
  • Analyze, correlate and action on data from subscription and public cyber intelligence services, develop tactics to combat future threats, and follow the Incident Response Plan for required response.
  • Awareness of threat intelligence concepts and their relevance to security operations.
  • Basic knowledge of scripting (Python, PowerShell, etc.) to support automation efforts.
  • Understanding of security infrastructure components and their role in safeguarding the organization
  • Strong problem-solving skills to analyze and respond to security incidents effectively.
  • Effective communication skills to convey technical information to team members and stakeholders.
  • Ability to collaborate with team members and other departments to achieve security goals

Qualifications:


  • Bachelor's degree in Computer Science, Information Security, or a related field.
  • 2+ years of experience in a security operations role or a related cybersecurity position.
  • Understanding of cybersecurity principles and best practices.
  • Basic knowledge of networking concepts and protocols.
  • Security certifications (e.g., CompTIA Security+, SANS GIAC) are a plus.
  • EDR/XDR – Hands on administrating and monitoring any of this product is desirable (Qualys EDR/XDR, Cisco AMP, Carbon Black, Crowdstrike, TrendMicro,Microsoft Sentinel one etc)
  • Advanced analytics – UEBA
  • Automation - SOAR
  • Willingness to pursue additional certifications and training in cybersecurity.
  • Strong analytical and problem-solving abilities.
You have reached your limit of 15 Job Alerts. To create a new Job Alert, delete one of your existing Job Alerts first.
Similar jobs alert created successfully. You can manage alerts in settings.
Similar jobs alert disabled successfully. You can manage alerts in settings.