We are seeking a highly skilled and motivated Security Operations Engineer to join our security team. The successful candidate will be responsible for monitoring, analyzing, and responding to security events within our infrastructure to protect the confidentiality, integrity, and availability of information systems across the firm. As part of the Security Operations team, the engineer will work closely with cross-functional teams to identify, investigate, and mitigate cybersecurity threats, ensuring a robust and secure environment.
* Incident Detection & Response: Analyze security events to determine if they represent legitimate threats, and initiate an appropriate incident response to contain and mitigate any detected issues.
* Threat Analysis: Conduct in-depth analysis of potential and active security threats, including malware, phishing, and network intrusions, and recommend appropriate remediation steps.
* Detection Engineering: Design, build, and continuously improve rules and analytics that identify malicious or anomalous activity across systems and networks.
* Automation: Design, build, and maintain automations that enhance Security Operations workflows and response. This requires hands-on experience integrating Generative AI tools and technologies into existing workflows, including practical application of LLMs, prompt engineering, AI-assisted content creation, or automation solutions that improved operational efficiency, productivity, or decision-making processes.
* Security Tool Management: Maintain tools instrumental to Security Operations (SIEM, EDR, DLP, etc.).
* Vulnerability Management: Assist with vulnerability scanning, assessment, and remediation efforts to ensure the timely patching of identified vulnerabilities.
* Security Enhancements: Collaborate with IT and other business units to implement security improvements, including automation, configuration changes, and policy enforcement.
* Documentation & Reporting: Create detailed incident reports, document findings, and provide recommendations to enhance the organization’s cybersecurity posture.
* Stay Informed: Keep up with the latest cybersecurity trends, vulnerabilities, and best practices, and recommend proactive measures to defend against evolving threats.
* Compliance & Risk Management: Ensure that security operations align with regulatory requirements, industry standards, and internal policies, assisting with audits and compliance activities as necessary.