Security Operations Center Analyst managing incidents and security alerts for 7 - Eleven stores. Focusing on in - depth analysis and proactive monitoring within a state - of - the - art Security Operations Center.
About the role
- Security Operations Engineer II optimizing security operations at Credit Acceptance. Collaborating on threat response and managing security tool configurations with a focus on automation.
Responsibilities
- Operate and tune enterprise security tools (EDR, SIEM/SOAR, WAF/proxy, email security).
- Manage proxy filtering policies, exceptions, SSL inspection, and performance troubleshooting.
- Build automation and playbooks (Python/PowerShell, SOAR, APIs) to streamline SecOps tasks.
- Implement CI/CD pipelines and Infrastructure-as-Code workflows for consistent, auditable security configuration changes.
- Author and tune detection rules; improve signal quality and reduce false positives.
- Maintain and author health dashboards, uptime/coverage metrics, and change governance documentation.
- Conduct knowledge transfers through runbooks, how-to guides, tabletop exercises, and lunch & learn training sessions.
- Maintain upgrade schedules, license compliance, configuration baselines, and key/secret rotations.
- Analyze block events for false positives; measure impact; retire exceptions on schedule and report residual risk.
- Build and maintain an automation backlog in partnership with SecOps, prioritizing high-frequency, high-toil tasks.
- Provide on-call support for tooling availability and ingestion/normalization issues.
- Report on metrics (uptime, coverage, MTTR, lead time, change success rate, exception aging).
Requirements
- Bachelor’s degree in computer science, Information Systems, Data Science or closely related field of study or equivalent experience
- Minimum 2 years of experience in cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), operations incident response, network security or security engineering
- Basic experience administering, deploying and managing security tools.
- Basic experience operating WAF/proxy and SIEM/SOAR.
- Scripting in Python and/or PowerShell and building API integrations; JSON/YAML proficiency.
- CI/CD and Git workflows; Infrastructure-as-Code for security configurations.
- Basic understanding of TLS/SSL, HTTP, identity-aware policies, and egress/ingress routing.
- Documentation discipline and change management (ITIL basics).
- Ability to produce formal and informal reports, briefings, and analysis of security controls.
- Experience with Endpoint Detection and Response (EDR) or Intrusion Detection System or Intrusion Prevention System (IDS/IPS) monitoring tools.
- Understanding of MITRE ATT&CK Framework and Cyber Kill Chain flow
- Understanding of incident response processes and risk management.
Benefits
- Excellent benefits package that includes 401(K) match
- Adoption assistance
- Parental leave
- Tuition reimbursement
- Comprehensive medical/dental/vision
- Many nonstandard benefits that make us a Great Place to Work
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Security Operations Manager at Qnity managing physical security programs across global sites. Overseeing operations and collaborating with cross - functional teams to mitigate risk and maintain secure facilities.
SOC Analyst monitoring security events and responding to incidents at Junglee Games. Collaborating on security protocols to ensure protection of digital assets.
Senior Director of Global Security Operations at CyrusOne strategizing and managing security across global data centers. Driving execution, governance, and operational excellence in a high - availability environment.
Cybersecurity generalist at PwC providing security solutions and maintaining the protection of client systems. Involves monitoring security alerts, incident response, and collaboration with stakeholders.
Security Operations Manager overseeing safety measures for corporate office locations and events at Whatnot. Responsible for developing security frameworks and managing vendor relationships across global operations.
Manager overseeing technical security operations for the Protection Services department. Responsible for managing security systems, staff training, and interdepartmental collaboration.
Principal in Security Monitoring Response at Mastercard managing global crises and resilience operations. Leading incident response efforts and ensuring the safety of people and assets.
SOC Analyst II providing real time security monitoring and threat hunting services for clients in various industries. Assisting in identifying security incidents and managing vulnerabilities.
Senior Security Operations Engineer at Field Nation; leading security operations and incident response to enhance cybersecurity posture.