Specialist, Security Engineering & Operations

We are looking for an intermediate level security specialist to join our Global Cybersecurity Services Team. As part of our modern cybersecurity operating model, the role will be engaged in enhancing our security technology stack, building AI driven security automation workflows and contributing to security operations. We are building a modern, multi-cloud, intelligence driven security operations capability that will heavily involve AI and automation; and will require engineering and operational skills at all levels. 

Responsibilities

• Threat Monitoring Investigations - deep dive into Tier 1 & Tier 2 security operations escalations, performing incident triage and root cause analysis. Proficient in performing investigations using open source and proprietary tools, including but not limited to - EPP/EDR/XDR software, Digital Forensics tools/software, SIEM platforms, etc.
• Security Engineering - Build, maintain and enhance our security operations technology stack, which includes next generation SIEM and SOAR solutions. Familiar with security logging and detection engineering practices, manage the detection use case life cycle. Relentlessly automate and creatively incorporate AI into workflows.
• Incident Response - Proficient in end-to-end Incident Response. Able to take the lead and provide guidance during investigations and incidents to pivot the investigation, drive containment, mitigation and other security outcomes.
• Security Projects - Lead projects and initiatives that may involve - Endpoint Security enhancements, Threat Hunting, Compromise Assessments, Network/Endpoint security reviews, etc. 
• Leadership - Be comfortable with cross-functional leadership and stakeholder management. Be willing to mentor and contribute to the growth and capability of the team. 

Requirements

• 5-7 years of experience in Information Security, with technical hands-on experience in Security Operations, Security Engineering, Digital Forensics, Incident Response, Endpoint Security or Cloud Security. 
• Working Experience with SIEM, EPP/EDR/XDR, SOAR, Cloud Security (CSPM, Container Security, etc), Digital Forensics software & tools.
• Working experience with Cloud environments like AWS, Azure and GCP.
• Experience in applying AI/ML in cybersecurity use cases. 
• Experience in using scripting languages to automate tasks and manipulate data or programming experience.
• Highly self-motivated, attention to detail and outcome driven.
• Proficiency in verbal and written English. 
• On-call is required.