Tasks and Responsibilities:
• Strategizes, leads and conducts monitoring and detection using logs from various tools and systems such as endpoint, network, servers, and identity
• Deploys cloud-centric detection to detect threats related to cloud environments and services used by the organization
• Correlates activity across assets (endpoint, network, apps) and environments (on-premises, cloud) to identify patterns of anomalous activity
• Reviews alerts and data from sensors, and documents formal, technical incident reports
• Works with threat intelligence and/or threat-hunting teams
• Provides network and infrastructure team with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary
• Works with the security information and event management (SIEM) system to manage/tune it, create/manage detection content and actively watch for alerts
• Correlates network, cloud and endpoint activity across environments to identify attacks and unauthorized use
• Researches emerging threats and vulnerabilities to aid in the identification of incidents
• Provides users with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary
• Performs security standards testing against computers before implementation to ensure security
• Reviews and optimizes security incident response procedures, threat intelligence analysis, log analysis, etc. within the team
Mandatory Requirements:
• University degree in computer science, information security, cybersecurity or a related field
• 3+ years of experience as a red teamer/incident responder, security engineer or security operations analyst
• Familiar with cloud security concepts and best practices, as well as the security features and capabilities of major cloud platforms such as AWS, Azure, and GCP.
• Familiar with security automation tools and techniques, and able to use them to automate security tasks and improve the efficiency of the SOC.
• Experience in project management for implementing new security tools or developing new security policies and procedures.
• Proficient in English, both written and spoken
Advantageous Skills/Experience:
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
• Self-starter who can effectively influence others to modify their opinions, plans or behaviors
• Strong problem-solving and troubleshooting skills
• Knowledge of multiple security domains such as identity, network, systems, endpoint, security information and event management (SIEM) systems, security orchestration, automation, and response (SOAR) platforms, and other security tools and technologies
Any Graduate