Director leading security operations strategy and overseeing investigations at Ford Motor Company. Responsible for global investigations, crisis management, and team leadership.
About the role
- Security Operations Center Engineer at ZeroFox monitoring cybersecurity threats and establishing SOC operations. Contributing to threat intelligence and supporting security projects within a high-impact team.
Responsibilities
- Monitor and analyze alerts from SIEM, EDR, and other monitoring platforms.
- Perform initial triage of security events using documented playbooks.
- Support CTI workflows, including collecting and summarizing internal and external intelligence.
- Document investigations, incident details, and response actions clearly.
- Escalate confirmed incidents to senior SOC staff or cross-functional teams.
- Contribute to threat reporting for leadership and stakeholders.
- Assist with security projects, such as tool integrations, automation pilots, and process improvements.
- Participate in shift handovers and maintain clear communication of ongoing investigations.
- Share findings and escalate issues effectively to ensure timely resolution.
- Support the development of SOC playbooks, detection rules, and dashboards under guidance.
- Stay current on emerging threats and contribute ideas for continuous improvement.
Requirements
- Bachelor’s degree in Information Security, Computer Science, or related field; OR equivalent practical experience.
- 0–2 years of professional experience in security operations, IT support, or related technical field.
- Basic familiarity with cybersecurity concepts (e.g., malware, phishing, vulnerabilities, log analysis).
- Basic scripting or automation knowledge (Python, PowerShell, Bash).
- Strong analytical and problem-solving skills with attention to detail.
- Exposure to SIEM, EDR, or IDS/IPS tools (academic, lab, or professional).
- Ability to learn new tools and processes quickly in a hands-on environment.
- Clear written and verbal communication skills, including documenting findings.
- Ability to balance day-to-day monitoring with participation in longer-term projects.
- Strong interest in developing toward advanced SOC, CTI, or incident response roles.
- CompTIA Security+, Network+, or equivalent entry-level certification.
- Familiarity with threat intelligence concepts and frameworks (e.g., MITRE ATT&CK).
- Exposure to cloud environments (AWS, Azure, GCP).
- Experience drafting technical or executive reports.
Benefits
- Competitive compensation
- Community-driven culture with employee events
- Generous time off
- Best-in-class benefits
- Fun, modern workspace
- Respectful and nourishing work environment, where every opinion is heard and everyone is encouraged to be an active part of the organizational culture
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Cloud Security Engineer at Artemys designing and maintaining secure Azure infrastructures, overseeing security monitoring and incident management.
Lead global Cyber Detect and Respond team at Assa Abloy, ensuring timely incident response and security compliance. Oversee operations while collaborating across IT and business functions for effective threat management.
Lead Cybersecurity Analyst responsible for technical leadership of a 24x7 SOC team at AT&T. Drive operational standards, incident response, and continuous improvement initiatives.
Security Engineer safeguarding AWS environments for Genesys Cloud mission. Handling advanced threats and collaborating with SecDev, PenTest, DevOps, and SRE teams.
Senior Security Operations Center Analyst protecting computer systems and data through investigation and incident response. Collaborating with IT leaders and mentoring junior analysts in security operations.
Security Operations Engineer creating automations and detection strategies for security infrastructure. Collaborating across teams to enhance security measures and protect organizational assets.
Solution Sales Manager driving revenue growth in Austria and Switzerland's financial sector. Collaborating with teams and managing sales cycles for ServiceNow and Tanium - related services.
Lead SOC Analyst responsible for monitoring and controlling OCLC services. Providing leadership and mentorship while ensuring service delivery and incident management in a hybrid work environment.
Technical Writer supporting Cyber Security Operations Center, documenting processes and workflows for incident response. Collaborating with analysts and engineering teams to create actionable documentation.