SecOps Analyst - Enterprise Security

About The Role

• Lead incident response efforts, including investigation, containment, eradication, and recovery of security incidents
• Monitor and analyze security events using Elastic SIEM, developing and maintaining detection rules and alerts
• Design and implement security automation workflows to streamline operations and reduce response times
• Manage and enhance cloud security controls across our infrastructure
• Administer enterprise identity management systems, with focus on Okta platform configuration and user lifecycle management
• Oversee device management policies and endpoint security controls across the organization
• Conduct security audits of SaaS applications like Google Workspace, Slack, Jira, etc including access reviews and configuration assessments
• Execute breach and attack simulation exercises to test security controls and incident response procedures
• Perform threat hunting and vulnerability assessments to proactively identify security risks
• Develop and maintain security playbooks and documentation
• Collaborate with other IT teams to implement security best practices
  

Required Qualifications

• 5+ years of experience in information security, with focus on security operations
• Strong incident response experience, including handling various types of security incidents
• Proven expertise with Elastic SIEM, including custom rule development and threat hunting
• Experience in security automation using Python, PowerShell, or similar scripting languages
• Experience in Device management, Identity Management, SaaS security audits, etc
• In-depth knowledge of cloud security principles and hands-on experience securing cloud environments (AWS)
• Understanding of common attack vectors, threat actor TTPs, and defensive strategies
  

Preferred Qualifications

• Relevant security certifications (CISSP, GCIA, GCIH, or similar)
• Experience with SOAR platforms and building automated response workflows
• Knowledge of compliance frameworks (SOC 2, ISO 27001, NIST)
• Familiarity with container security and Kubernetes environments
• Experience with threat intelligence platforms and integration
• Experience with additional device management platforms Google Workspace Administrator certification
• Experience with breach and attack simulation tools
  

Required Skills

• Strong analytical and problem-solving abilities
• Excellent communication skills and ability to explain technical concepts to non-technical stakeholders
• Experience working in fast-paced environments with ability to prioritize effectively
• Strong documentation skills
• Team player with ability to work independently when needed