Senior Security Operations Engineer at Field Nation; leading security operations and incident response to enhance cybersecurity posture.
About the role
- Security Operations Center Engineer enhancing security posture via automation and threat hunting. Requires strong experience with SIEM and SOAR platforms and Python scripting.
Responsibilities
- Maintain our SIEM and SOAR platforms to ensure optimal performance and effectiveness in detecting and responding to security threats.
- Develop and fine-tune detection and correlation rules, dashboards, and reports within the SIEM to accurately detect anomalous activities.
- Create, manage, and optimize SOAR playbooks to automate incident response processes and streamline security operations.
- Utilize Python scripting to develop custom integrations and automate repetitive tasks within the SOC.
- Build and maintain automation workflows to enhance the efficiency of threat detection, alert triage, and incident response.
- Conduct proactive threat hunting to identify potential security gaps and indicators of compromise.
- Analyze security alerts and data from various sources to identify and respond to potential security incidents.
- Collaborate with Information Security team members and other teams to enhance the overall security of the organization.
- Create and maintain clear and comprehensive documentation for detection rules, automation workflows, and incident response procedures.
Requirements
- 6+ years of experience in a Security Operations Center (SOC) environment or a similar cybersecurity role.
- Hands-on experience with managing and configuring SIEM platforms (e.g., Elastic SIEM, Splunk, QRadar, Microsoft Sentinel).
- Demonstrable experience with SOAR platforms (e.g., Palo Alto Cortex XSOAR, Splunk SOAR) and playbook development.
- Proficiency in Python for scripting and automation of security tasks.
- Strong understanding of incident response methodologies, threat intelligence, and cybersecurity frameworks (e.g., MITRE ATT&CK, NIST).
- Excellent analytical and problem-solving skills with the ability to work effectively in a fast-paced environment.
Benefits
- Health Care Plan (Medical, Dental & Vision)
- Life Insurance (Basic, Voluntary & AD&D)
- Paid Time Off (Vacation, Sick & Public Holidays)
- Training & Development
- Retirement Plan (401k, IRA)
- Free breakfast and lunch
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Security Incident Response Orchestration Lead at Bank of America defining automation for security incident workflows with a focus on Splunk SOAR and Tines. Collaborating with security operations and engineering teams to implement scalable solutions.
SOC Analyst II providing tier II cybersecurity support in a Security Operations Center environment. Conducting vulnerability assessments and analyzing cyber threats while training junior staff members.
Security Operations Analyst responsible for monitoring and responding to cybersecurity threats. Ensuring the confidentiality, integrity, and availability of data per compliance standards.
SOC Analyst responsible for cybersecurity incident management at Algosystems in Greece. Monitoring security threats, conducting investigations, and improving SOC services.
Cyber Operations Lead ensuring coordination of cyber operations between the Security Operations Center and internal business units. Enhancing security through effective incident response and threat management initiatives.
Solution Sales Manager enhancing revenue in financial services, focusing on ServiceNow IRM and Tanium solutions. Collaborating with teams and engaging C - level executives in Austria and Switzerland.
Senior Internal SOC Analyst leading security triage and investigations for Darktrace, utilizing AI - driven cybersecurity technology. Collaborating on incident response and mentorship within a hybrid work environment.
Security Operations Intern responsible for security monitoring at Paddy Power Betfair. Involves data loss prevention investigations and content filtering analysis with a commitment to improving security posture.
SOC Analyst L2 responsible for managing and analyzing security incidents in digital transformation. Contributing directly to the protection of companies and infrastructures.