Senior Cyber Security Engineer - Security Operations Center
Columbia, Missouri, United States
CARFAX
CARFAX is an international provider of vehicle history reports for a more transparent used car market. ✓ Buy safely ✓ Sell at a profit ✓ Import check
Join Team CARFAX as a Senior Cyber Security Engineer - Security Operations Center
Isn't it time you bragged about where you work? At CARFAX, we do, every day. We pride ourselves on being mission-focused on helping to grow a brand built on accuracy and integrity. We care deeply about our products and our customers. We’re more than just a company: We help millions of consumers make more informed decisions every day. We know that our teammates are our most valuable asset, and we value a balanced life while tackling challenging projects in a fast-paced environment.
We are seeking a highly skilled and motivated Senior Cyber Security Engineer - Security Operations Center to join our dynamic Information Security team. The Senior Cyber Security Engineer - Security Operations Center plays an essential role in building, supporting, and enhancing the organization's cybersecurity posture. This senior position offers an excellent opportunity to work closely with cybersecurity professionals to protect the organization's data and IT infrastructure from cyber threats. The Senior Cyber Security Engineer will be accountable for the development and maintenance of the Security Operations Center program for CARFAX.
At CARFAX, we believe in the power of teamwork and value in-person interactions so that we can collaborate and thrive together. This position will require 3 days per week in our Columbia, MO office subject to change with future business needs.
What you’ll be doing:
- Oversee and operate continuous monitoring of network traffic, systems, and applications to detect, analyze, and respond to cybersecurity threats and incidents, utilizing advanced security tools and methodologies for proactive defense.
- Lead the entire security incident process, including detection, triage, investigation, containment, remediation, and reporting, ensuring minimal impact on business operations and continuously improving incident response processes through automation.
- Conduct in-depth analysis and forensics of security incidents to determine root causes, identify compromised systems, and assess the scope of breaches, using standard practices to gather and preserve evidence for potential legal and regulatory requirements.
- Develop and maintain a robust threat intelligence program by collecting, analyzing, and disseminating actionable intelligence to anticipate, identify, and mitigate emerging threats, leveraging internal and external sources to enhance the organization's security posture.
- Proactively perform threat hunting activities using advanced analytical techniques and tools to identify and mitigate undetected threats and potential vulnerabilities within the organization's systems.
- Manage and optimize the collection, storage, and analysis of security logs from various sources to ensure comprehensive visibility and timely detection of security events, implementing best practices for log retention, parsing, and aggregation to support SOC functions.
- Develop and deliver risk-based security reports that provide actionable insights and recommendations by analyzing security incidents, threats, and vulnerabilities, informing decision-makers of the current security posture and ensuring alignment with organizational risk management strategies.
- Create and maintain comprehensive security documentation, including policies, procedures, and guidelines, and support security awareness training programs to educate staff about cyber threats, safe practices, and incident response protocols, fostering a security-conscious culture.
What we're looking for:
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field, or equivalent work experience in information technology.
- 4-7 years of experience in cyber incident response within an Incident Response or Security Operations Center team.
- Strong understanding of security principles, practices, tools, and techniques used by cybersecurity teams.
- Familiarity with security technologies, tools, and frameworks (e.g., SIEM, Endpoint Detection & Response, firewalls, IDS/IPS, MITRE ATT&CK, Burp Suite, Nessus, Nmap) and knowledge of programming languages and operating systems (e.g., Python, Kali Linux).
- Skilled in interpreting and analyzing data from multiple security tools and sources, including IDS alerts, firewall logs, web and application logs, and network traffic, to detect Indicators of Compromise and malicious Tactics, Techniques, and Procedures.
- Ability to review alerts for relevancy and urgency, provide tuning recommendations, identify and respond to sophisticated threats, and conduct risk assessments with strong analytical and problem-solving skills.
- Excellent written and verbal communication skills, with an emphasis on clear and concise risk-based reporting; ability to work both collaboratively in a team environment and independently; eagerness to learn and a proactive attitude towards professional development.
What’s in it for you:
- Competitive compensation, benefits and generous time-off policies
- 4-Day summer work weeks and a winter holiday break
- 401(k)/DCPP matching
- Annual bonus program
- Casual, dog-friendly, and innovative office spaces
- For a comprehensive list of benefits, please visit our website: https://jobs.jobvite.com/carfax/p/benefits
Don’t just take our word for it:
- 10X Virginia Business Best Places to Work
- 10X Washingtonian Great Places to Work
- 9X Washington Post Top Workplace
- St. Louis Post-Dispatch Best Places to Work