Job
Description
Triage, work with users to understand and resolve security alerts from our advanced detection tooling ( Cisco AMP, SentinelOne and Cisco Umbrella ) and MDR providers ( Kroll and Ankura ). As part of investigations analyze security logs and alerts from a variety of sources, including firewalls, intrusion detection systems, and SIEM systems. Investigate security incidents to determine their root cause and scope, and take appropriate remediation actions. Provide feedback on security policies. Provide feedback on and update security procedures and processes. Assist with the maintenance of vulnerability management tooling. Assist with the implementation and configuration of security tools and technologies Escalation of issues which are past acceptance thresholds to security or operational leadership. Provide security awareness training to employees Assist colleagues with queries about security tools or general requests. Stay up-to-date on the latest security threats and vulnerabilities Participate in security incident response exercises and drills What You Bring to the Table 5+ years of experience in security operations or an adjacent field. Proven work experience as a System Security Engineer or Information Security Engineer Detailed technical knowledge of Cloud and operating system security Detailed understanding of security principles, practices, techniques, and protocols Outstanding problem solving skills and ability to work under pressure Good verbal and written communications skills in English. Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc Experience with EDR tools, vulnerability management tools, SIEM systems, firewalls, intrusion detection systems, security automation and other security tools Experience in investigating and responding to security incidents What We Bring to the Table Bachelor s degree in Computer Science, Information Security or a related field. ISC2, COMPTIA or other relevant security certification.
