Job Details

ID #21757541
State Virginia
City Mclean
Job type Permanent
Salary USD $100,000 - $135,000
Source Request Technology, LLC
Showed 2021-10-27
Date 2021-10-26
Deadline 2021-12-24
Category Et cetera

Sr. Security Operations Engineer SOC

Virginia, Mclean, 20170 Mclean USA

Vacancy expired!

We are unable to sponsor for this permanent full-time role. The position is bonus eligible. A prestigious enterprise company is currently seeking a Sr. Cyber Security Operations Engineer. The candidate will support the Security Operations Center's vision of reducing information risk by ensuring and enhancing the confidentiality, integrity, and availability of information systems.

Responsibilities:
  • Monitor security events from SIEM, threat Intelligence, end user notifications, etc. to determine security risk and appropriate response.
  • Review new threats to determine need for relevant security use cases and work closely with Threat Detection team to implement them.
  • Review existing alerts to identify opportunities for tuning and work with the Content Development team to test and implement tuning requests.
  • Follow established processes, procedures & SLAs to respond to and document analysis of security events.
  • Participate in review of new SIEM use cases and develop runbooks that provide guidelines for analyzing the specific threats related to new use cases.
  • Evaluate use cases on a periodic basis to ensure they are still relevant, support monitoring of security risks, have the correct data sources and are providing value.
  • Develop and improve processes/procedures related to the Cyber Security Operation Center.
  • Collaborate with the Incident Response team on the response, triage and escalation of security events affecting the company’s information assets and activities.
  • Coordinate with the Forensics team for analysis of malware samples, to obtain IOCs and implement necessary preventive measures.
  • Provide guidance to build the controls necessary for automated and proactive detection and prevention.

Qualifications:
  • Bachelor’s degree in Information Security, Computer Science, Information Technology, related field or equivalent work experience
  • 5+ years of information security or related risk management experience
  • 2+ years of hands-on information security SOC/Incident Response experience analyzing IOCs/alerts identified by the CSOC and Threat Intel team
  • 2+ years of Splunk experience
  • Demonstrated experience with SIEM use cases and runbook development
  • Demonstrated experience in handling security events in mission critical environments
  • Strong knowledge of enterprise detection technologies and processes (Advanced Threat Detection tools, IDS/IPS, Network Packet Analysis, Endpoint Protection)
  • Advanced knowledge of network protocols and operating systems (Windows, Unix, Linux, Databases)
  • Relevant security knowledge and experience in two of the following areas: security operations, incident response, network/host intrusion detection, threat response
