Cybersecurity Engineer ensuring the security of IT & OT systems at ArianeGroup. Collaborating with internal teams and overseeing compliance and protection measures.
About the role
- Lead SOC incident response, forensics, and threat hunting at Cox Communications. Drive SOC operations, tool integration, and mentor analysts for national critical infrastructure protection.
Responsibilities
- Oversee and manage daily SOC operations, ensuring priorities and quality objectives are consistently met
- Lead incident triage and response efforts, reviewing and addressing escalated security events from Tier I/II analysts
- Direct technical activities across all phases of the incident response process: detection, assessment, containment, eradication, and recovery
- Conduct forensic analysis on compromised systems and coordinate with third-party resources as needed
- Perform in-depth incident analysis by correlating data from multiple sources to identify root causes and impacts
- Document and communicate findings, producing comprehensive after-action reports for the security team
- Develop and execute threat hunting strategies across the organization to proactively identify and mitigate threats
- Recommend and implement improvements to enhance the effectiveness and efficiency of threat intelligence, incident response, and scalability
- Lead technical incident response efforts, ensuring clear and active communication among stakeholders
- Collaborate with engineering teams to optimize enterprise monitoring platform configurations for effective threat detection and response
- Drive continuous evaluation and integration of monitoring platform configurations to enhance SOC capabilities and support efficient operations
- Partner with Security Engineering teams to enhance features and capabilities within existing security tools
- Execute projects under the guidance of Cyber Defense Leadership
- Train and mentor junior analysts, fostering their professional growth and development
- Develop, implement, and mature SOC policies and procedures to ensure robust security operations
- Stay informed on emerging threats and technologies, continuously adapting SOC strategies to address evolving security challenges
- Perform additional tasks and duties as directed by the CSOC Manager
Requirements
- Bachelor’s degree in a related discipline and 6 years’ experience in a related field (the right candidate could also have a different combination, such as a master’s degree and 4 years’ experience; or 18 years’ experience in a related field in lieu of degree)
- 6+ years of technical experience in the information/cyber security field
- 2+ years of direct experience in an Incident Response role in large enterprise environments
- Experience in the application of Incident Response methodologies
- Strong knowledge and experience with the Windows and Linux operating systems
- Working knowledge of cloud technologies such as Amazon, Azure, and Google
- Experience using Python, PowerShell or equivalent automation and enrichment technologies
- Experience with Microsoft Graph API and KQL
- Strong knowledge of network protocols, web servers, authentication mechanisms, anti-virus, and server applications
- Ability to execute under pressure
- Ability to perform independent analysis, distill relevant findings and root cause
- Ability to communicate complex ideas clearly and effectively using written and verbal communication
- Preferred: Cloud technology experience and associated incident response techniques
- Preferred: Ability to perform forensics on Windows endpoints
- Preferred: Experience with endpoint security agents (Microsoft Defender, CrowdStrike etc.)
- Preferred: Experience with threat hunting in cloud environments
- Preferred: Azure, AWS, GPC experience
- Preferred: Experience with Fortinet, Palo and Juniper firewalls
- Preferred: Experience with network forensics and associated toolsets, (Suricata, WireShark, PCAP, tcpdump, etc.) and analysis techniques
- Preferred: Experience automating response operations through SOAR, Logic Apps, Defender Live Response or similar technologies
- Preferred: Industry certification such as GCIH, CCIA, GIAC, CISSP, or CISM
Benefits
- The Company offers eligible employees the flexibility to take as much vacation with pay as they deem consistent with their duties, the company’s needs, and its obligations
- Seven paid holidays throughout the calendar year
- Up to 160 hours of paid wellness annually for their own wellness or that of family members
- Additional paid time off in the form of bereavement leave, time off to vote, jury duty leave, volunteer time off, military leave, and parental leave
- Health care insurance (medical, dental, vision)
- Retirement planning (401(k))
- Paid days off (sick leave, parental leave, flexible vacation/wellness days, and/or PTO)
- Flexible Work Option Hybrid - Ability to work remotely part of the week
- Position may be eligible for additional compensation that may include an incentive program
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Professional focused on Cloud Security solutions and DevSecOps at innovative tech consulting firm Leega. Implementing security for AWS services and integrating security analysis tools.
Internship for building and deploying SSE/MASE system while working closely with management at I3P, a firm specialized in electrical networks.
Technicien d'installation de dispositifs antichute supervisant l'installation et la sécurité. Participer aux visites de chantier, préparer et gérer l'installation avec une autre personne.
Installs complete fall protection systems ensuring safety compliance. Managing team and quality of work on construction sites in a hybrid role.
IT Specialist ensuring smooth IT operations in a growing beauty company. Collaborate with external service providers and support internal teams with compliance and documentation.
Strategic leader focused on Cyber Security and Fraud analytics at Sun Life. Establishing centralized functions and driving proactive detection and response efforts.
Manager Infrastructure & Security driving IT infrastructure and security landscape for semiconductor firm. Collaborating with teams to build scalable systems and innovative security strategies.
Residential Security Agent managing physical security for clients in California and Nevada, ensuring compliance with safety protocols and quick response to emergencies.
Senior Cyber Security Consultant at HvS - Consulting focusing on ISMS development and team leadership. Engaging clients in ISO 27001 compliance and strategic cybersecurity improvements.