Senior Security Operations Engineer

Over the last 20 years, Ares’ success has been driven by our people and our culture. Today, our team is guided by our core values – Collaborative, Responsible, Entrepreneurial, Self-Aware, Trustworthy – and our purpose to be a catalyst for shared prosperity and a better future. Through our recruitment, career development and employee-focused programming, we are committed to fostering a welcoming and inclusive work environment where high-performance talent of diverse backgrounds, experiences, and perspectives can build careers within this exciting and growing industry.

Job Description

PRIMARY FUNCTIONS AND ESSENTIAL RESPONSIBILITIES

• Perform proactive threat hunting in response to intelligence alerts
• Assist the SOC team with advanced incident response when required
• Run and support vulnerability management/testing, and fully understand the Ares environment
• Tune and optimize and operationalize security tools, including network anomaly detection
• Establish and run continuous control testing for cybersecurity controls
• Support the vulnerability disclosure and/or bug bounty program
• Create and maintain a list of connections with third parties
• Help the team ensure repeatable vehicles for sharing information are available, patching SLAs are met, and patching prioritization is fully understood and accepted
• Draft standard operating procedures and/or runbooks for all new alerts and tools
• Follow process and ensuring timeliness of delivery for all projects
• Adhere to and help develop KRIs and KPIs

QUALIFICATIONS

Education:

• Bachelor’s degree in Computer Science, Information Technology, Business or equivalent discipline or demonstrated requisite years of experience for on-the-job training.
• Recommended: Professional Certifications such as CISSP, CCSK, GPEN, or OSCP

Experience Required:

• Between 5-7 years of experience in Enterprise Cybersecurity in the financial, government, military, or technology sector
• Experience with timely deliveries
• Experience preferred with threat hunting, incident response, vulnerability threat management, and continuous control validation testing.

General Requirements:

• Candidate should be willing to work flexible hours when needed due to the nature of cybersecurity threats
• Candidate should be able to work in a hybrid capacity from the local Ares office
• Strong analytical and problem-solving skills
• High level of personal integrity, and the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity
• Ability to interact effectively at all levels with sensitivity to cultural diversity
• Ability to adapt as the external environment and organization evolves
• Passionate about Cybersecurity domain and has the inclination to learn current technologies / concepts / improvements
• Experience with scripting including Python
• Knowledge of cyber security frameworks and attack methodologies
• Experience working with EDRs, Proxies, and anti-virus
• Experience working with pen testing, vulnerability, threat, and risk management
• Understanding of common Attack methods and their SIEM signatures
• Understanding of network protocols (TCP/IP stack, SSL/TLS, IPSEC, SMTP/IMAP, FTP, HTTP etc.)
• Understanding of Operating System, Web Server, database, and Security devices (firewall/NIDS/NIPS) logs and log formats
• Knowledge of intrusion detection methodologies and techniques for detecting host- and network- based intrusions via intrusion detection technologies
• Excellent verbal and written English communication skills
• Ability to prioritize tasks based on the risk they pose to the enterprise
• Experience with the following tools would be an advantage, but not essential:
  • SIEM (e.g. Microsoft Sentinel, Splunk, Securonix)
  • EDR/XDR (e.g. SentinelOne, Carbon Black, Crowdstrike Falcon)
  • Vulnerability Management (e.g. Tenable Nessus, Rapid7, Qualys)
  • Attack Surface Management (e.g. Shodan, Randori, HackerOne)

Reporting Relationships