Security Operations Engineer protecting Notion’s systems and users by investigating and responding to security events. Collaborating with a global team to enhance security processes and protocols.
About the role
- Cybersecurity Incident Response Analyst detecting and responding to cyber threats at NOV. Collaborating using AI tools to enhance cybersecurity operations across IT, cloud, and OT environments.
Responsibilities
- Monitor, triage, and investigate alerts from SIEM, EDR, identity platforms, and cloud environments
- Use AI/LLM-powered tools to enrich alerts, summarize logs, and support root cause analysis
- Correlate telemetry across identity, endpoint, cloud, and network systems to build clear incident timelines
- Support containment and remediation efforts in collaboration with SOC, engineering, and IT teams
- Analyze AI-generated threat scores, behavioral anomalies, and recommendations to detect stealthy or emerging threats
- Assist in evidence collection for forensics, insider threat, or audit-related investigations
- Document incidents thoroughly and contribute to response playbooks and process improvements
- Participate in tabletop exercises and threat simulation activities to improve detection and response maturity
- Recommend enhancements to detection rules and automation workflows based on incident learnings
- Other duties as assigned by organization leadership
Requirements
- Possess strong communications and interpersonal skills in English
- Self-directed, organized, and able to manage multiple priorities
- Strong ability to work collaboratively with others, to influence based on knowledge and experience
- Experience in a SOC, cybersecurity operations, or incident response role
- Hands-on experience with tools like SentinelOne, Defender for Endpoint, Microsoft Sentinel, Zscaler, or Splunk
- Familiarity with MITRE ATT&CK and common attacker tactics, techniques, and procedures
- Working knowledge of endpoint behavior, log analysis, DNS/HTTP/SOC telemetry, and identity-related indicators
- Basic scripting or automation (PowerShell, Python, Bash) to assist in triage or data parsing
- Experience using or interpreting AI/ML-driven detection tools, or LLM-based security assistants (e.g., for alert summaries or ticket generation)
- Strong communication and documentation skills for technical and non-technical audiences
- Calm under pressure and effective in active response situations
Benefits
- Health insurance
- Life insurance
- Disability insurance
- Retirement plan
- Paid time off
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
SecOps Engineer at Aristocrat maintaining security for innovative iGaming platforms and collaborating with cross - functional teams. Focused on AWS services security and compliance assessments.
Cybersecurity Incident Response Analyst handling security events and incidents at Var Group in a hybrid work environment. Focused on ensuring response to security incidents and improving security processes.
Cybersecurity Incident Response Analyst handling security incidents and threats. Working in a hybrid environment at Yarix, a leader in digital evolution.
IAM Security Ops Analyst overseeing access management for clinical trial applications at Syneos Health. Collaborating with IT and compliance teams to enforce IAM policies and improve operational performance.
Fraud Operations Group Manager responsible for managing fraud management policies in the Operations Services team. Leading teams in minimizing fraud impacts while ensuring compliance and operational objectives.
Information Security Analyst responsible for security operations, threat hunting, and incident response at Bellinati Perez. Involves collaboration with internal teams and use of advanced security tools.
Senior SOC Analyst specializing in security operations and incident response at PEXA, advancing digital property solutions in the UK. Collaborating with teams to enhance security measures and respond to incidents.
Security Monitoring Analyst developing XDR detection rules for cybersecurity at ESET. Actively contributing to threat defense innovation while monitoring security environments.
Overseeing global security operations across 81 sites for QVC Group, a Fortune 500 live shopping company. Managing security programs with expertise in investigations and crisis management.