Summary

We are seeking a highly motivated Security Operations Center Engineer to join our team. The successful candidate will be responsible for monitoring and investigating security incidents and assisting Tier 2 analysts in resolving security issues.

Essential Functions

• Collaborates with consults with customers, vendors, and contractors to provide expert technical solutions in support of contracts in a fast pace and demanding environment
• Follows up with customer contacts to ensure satisfactory resolutions
• Reports findings, tracks progress, and documents customer communication within incident management system
• Manages workload in a manner that meets defined Service Level Agreements
• Develops positive working relationships with internal and external customers

Additional Specific Duties and Responsibilities

·       Performs On-call rotation with team members

Key Responsibilities

• Monitor security events and alerts generated by security tools, including SIEM, IDS/IPS, and endpoint detection and response systems
• Conduct initial triage of security events and determine which events require further investigation and escalation
• Investigate and analyze security incidents, including log analysis, malware analysis, and system forensics
• Coordinate with other IT teams to address security incidents and vulnerabilities
• Create and maintain accurate and timely records of security incidents and responses
• Contribute to the development and refinement of incident response processes and procedures
• Assist Tier 2 analysts in resolving complex security issues
• Stay up-to-date with the latest security threats, vulnerabilities, and industry trends
• Participate in regular training and knowledge sharing sessions to enhance security skills and expertise

Qualifications

• Bachelor’s degree in Computer Science, Information Security, or related field
• At least 1 year of experience in Security Operations or related field
• Strong knowledge of security principles, concepts, and technologies, including firewalls, intrusion detection/prevention systems, SIEM, and endpoint security
• Familiarity with incident response processes and tools, including log analysis, malware analysis, and forensic investigations
• Basic understanding of security frameworks and standards, such as NIST, ISO, and CIS
• Strong analytical and problem-solving skills, with the ability to work independently and in a team environment
• Excellent communication skills, with the ability to articulate complex security issues to technical and non-technical stakeholders

Certifications

• CCSIP, Security+, GSEC, or other relevant security certifications are preferred