Security Product Operations specialist

Key Responsibilities:

Security Tool Management & Administration

• Deploy, configure, and maintain security tools such as Splunk SIEM, EDR/XDR, SOAR, Zscaler, VPNs, firewalls, and OT/ICS security tools.
• Ensure continuous operation and optimization of security products.
• Perform routine updates, patching, and tuning of tools for best performance and integration.

Threat Monitoring & Incident Handling

• Monitor logs and alerts from SIEM, EDR, and network security tools to detect threats and anomalies.
• Support incident investigations by correlating logs and analyzing events.
• Collaborate with SOC and IR teams to escalate and mitigate security incidents.

Automation & SOAR Integration

• Develop and configure SOAR playbooks to automate common security workflows.
• Create scripts using Python, PowerShell, or APIs for automation and system integration.

Vulnerability Remediation & Risk Reduction

• Analyze vulnerabilities and assist IT and DevSecOps teams in remediation.
• Track and report patch compliance for all security-related tools and platforms.

Compliance & Reporting

• Build and maintain dashboards and reports using SIEM and security platforms.
• Support compliance with frameworks such as NIST, ISO 27001, CIS Controls, SOC 2, and PCI DSS.
• Assist with internal audits and regulatory assessments involving security infrastructure.

OT & Network Security Operations

• Ensure secure configuration and segmentation of OT/ICS networks.
• Work with network teams on firewall policies, VPNs, and Zscaler deployments.
• Manage and support cloud security tools including CSPM and CNAPP solutions.

Required Qualifications & Skills:

Technical Skills:

• Hands-on experience with security tools: Splunk SIEM, Microsoft Defender, CrowdStrike EDR, Cyware SOAR, Zscaler, Palo Alto firewalls, DLP, CSPM, CNAPP.
• Strong understanding of network security protocols, IDS/IPS, and firewall configurations.
• Familiarity with security frameworks like MITRE ATT&CK, NIST CSF, Zero Trust.
• Basic scripting ability with Python, PowerShell, or Bash.

Experience:

• 46 years of experience in security operations, tool administration, or product management.
• Prior involvement in SOC, security engineering, and vulnerability management is preferred.

Certifications (Preferred):

• Splunk Certified Administrator
• Microsoft Security Certifications (e.g., SC-200, SC-300)
• CISA, CISM, GIAC (GCIH, GCIA, GCFA), CEH, CCSP, CCSK, or similar