Senior Security Engineer responsible for deploying and maintaining endpoint security solutions. Collaborating across teams to enhance security posture and supporting incident response activities.
About the role
- Lead SOC incident response, forensics, and threat hunting at Cox Communications. Drive SOC operations, tool integration, and mentor analysts for national critical infrastructure protection.
Responsibilities
- Oversee and manage daily SOC operations, ensuring priorities and quality objectives are consistently met
- Lead incident triage and response efforts, reviewing and addressing escalated security events from Tier I/II analysts
- Direct technical activities across all phases of the incident response process: detection, assessment, containment, eradication, and recovery
- Conduct forensic analysis on compromised systems and coordinate with third-party resources as needed
- Perform in-depth incident analysis by correlating data from multiple sources to identify root causes and impacts
- Document and communicate findings, producing comprehensive after-action reports for the security team
- Develop and execute threat hunting strategies across the organization to proactively identify and mitigate threats
- Recommend and implement improvements to enhance the effectiveness and efficiency of threat intelligence, incident response, and scalability
- Lead technical incident response efforts, ensuring clear and active communication among stakeholders
- Collaborate with engineering teams to optimize enterprise monitoring platform configurations for effective threat detection and response
- Drive continuous evaluation and integration of monitoring platform configurations to enhance SOC capabilities and support efficient operations
- Partner with Security Engineering teams to enhance features and capabilities within existing security tools
- Execute projects under the guidance of Cyber Defense Leadership
- Train and mentor junior analysts, fostering their professional growth and development
- Develop, implement, and mature SOC policies and procedures to ensure robust security operations
- Stay informed on emerging threats and technologies, continuously adapting SOC strategies to address evolving security challenges
- Perform additional tasks and duties as directed by the CSOC Manager
Requirements
- Bachelor’s degree in a related discipline and 6 years’ experience in a related field (the right candidate could also have a different combination, such as a master’s degree and 4 years’ experience; or 18 years’ experience in a related field in lieu of degree)
- 6+ years of technical experience in the information/cyber security field
- 2+ years of direct experience in an Incident Response role in large enterprise environments
- Experience in the application of Incident Response methodologies
- Strong knowledge and experience with the Windows and Linux operating systems
- Working knowledge of cloud technologies such as Amazon, Azure, and Google
- Experience using Python, PowerShell or equivalent automation and enrichment technologies
- Experience with Microsoft Graph API and KQL
- Strong knowledge of network protocols, web servers, authentication mechanisms, anti-virus, and server applications
- Ability to execute under pressure
- Ability to perform independent analysis, distill relevant findings and root cause
- Ability to communicate complex ideas clearly and effectively using written and verbal communication
- Preferred: Cloud technology experience and associated incident response techniques
- Preferred: Ability to perform forensics on Windows endpoints
- Preferred: Experience with endpoint security agents (Microsoft Defender, CrowdStrike etc.)
- Preferred: Experience with threat hunting in cloud environments
- Preferred: Azure, AWS, GPC experience
- Preferred: Experience with Fortinet, Palo and Juniper firewalls
- Preferred: Experience with network forensics and associated toolsets, (Suricata, WireShark, PCAP, tcpdump, etc.) and analysis techniques
- Preferred: Experience automating response operations through SOAR, Logic Apps, Defender Live Response or similar technologies
- Preferred: Industry certification such as GCIH, CCIA, GIAC, CISSP, or CISM
Benefits
- The Company offers eligible employees the flexibility to take as much vacation with pay as they deem consistent with their duties, the company’s needs, and its obligations
- Seven paid holidays throughout the calendar year
- Up to 160 hours of paid wellness annually for their own wellness or that of family members
- Additional paid time off in the form of bereavement leave, time off to vote, jury duty leave, volunteer time off, military leave, and parental leave
- Health care insurance (medical, dental, vision)
- Retirement planning (401(k))
- Paid days off (sick leave, parental leave, flexible vacation/wellness days, and/or PTO)
- Flexible Work Option Hybrid - Ability to work remotely part of the week
- Position may be eligible for additional compensation that may include an incentive program
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Administrative support role within MAHLE's Thermal and Fluid Systems unit, assisting the team with various operational tasks and employee interactions.
Senior Security Engineer at PagBank focusing on application security and secure development practices. Responsibilities include testing, vulnerability management, and collaboration with development teams.
Security Software Engineer at a tool - building company automating coding. Focused on shipping secure products covering enterprise security, cloud, and embedded protections.
Senior Product Cyber Security Systems Engineer at Sonova focusing on product security and cyber threats. Collaborating with teams to maintain robust security practices and compliance.
Threat Exposure Oversight Specialist enhancing security risk management in Cyber Defence team. Collaborating across functions to validate and document security controls and risks.
Lead Security Engineer at Octopus Energy, ensuring security in digital energy solutions and managing a team. Join us in revolutionizing the renewable energy transition.
Lead Information Security Analyst driving security improvements and team management at Octopus Energy. Join us in ensuring secure service delivery across our global operations.
Program Manager overseeing global safety, intelligence, and security at Anthropic. Developing policies and coordinating cross - functional initiatives.
CyberSecurity Sales Specialist engaging Fortune 250 clients to drive cybersecurity solutions at HPE. Focusing on enterprise sales, strategic expansion, and leading competitive pursuits in the Northeast - Mid Atlantic region.