The Cyber Security Operations Center Senior Engineer is the senior technical resource in the Security Operations Center (SOC). This role is responsible for the design, implementation, and support of a variety of complex projects supporting the SOC function. This role is a critical escalation point for SOC operations and has technical responsibility for SOC operations including the documentation of processes, procedures, and technical solutions.
Applicants can expect to make between $103,000 to $140,000 upon hire. Pay within this range will vary based upon relevant experience, skills, and education among other factors. In addition, this position is eligible for a target incentive bonus under our variable incentive plan.
This position is eligible for a JM remote work arrangement in which an employee has the opportunity to work remotely or work at the designated company office. Remote work location is subject to company approval.
Your Day-to-Day:
Research best practices, strategies, architecture, and designs related to the Security Operations Center (SOC). Identify the strategy for key technologies utilized in the information security function globally.
Security Project Management: Utilize project management skills to ensure timeliness of security projects related to SOC tools, including Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), and forensic tools.
Security Operations Management
- Endpoint Detection and Response (EDR) client management, including patching and system tuning for applications such as application whitelisting, antivirus, VPN, forensics, and DLP.
- Manage the SIEM platform, including configuration, upgrades, and IT integrations.
- Remediation of vulnerability scanning issues.
- Vulnerability management tool configuration, including reporting and scanning.
- Perform advanced penetration scans of the environment and produce recommendations for remediation.
Technical mentor and trainer for security engineering personnel on security architecture, new technology, and incident troubleshooting.
Incident Handling and Forensic Analysis: Senior technical engineer for security incident handling, executing the following or related tasks:
- Advanced analysis of security events to determine root cause.
- Identify and react to network attacks, viruses, and intrusions without significant technical assistance from others.
- Develop and coordinate remediation plans when compromises occur.
- Identify and implement root cause actions.
- Troubleshooting of issues in a highly complex technical environment covering SIEM systems, firewalls, IDS/IPS, mobile device management, malware tools, and web content filtering.
- Provide forensic analysis of security violations and report investigation details to legal, HR, and IT leadership. Analysis may be complex in nature, and this role would manage the effort with little supervision.
What You Bring to the Team:
- Bachelor's degree with a minimum of 7 years of IT experience and a minimum of 4 years of experience managing a highly complex security landscape for a large corporate environment.
- At least one certification such as CISSP, SANS GIAC, Cisco CCSP, CISM.
- Proven expertise in Security Information and Event Management (SIEM) solutions; Splunk preferred
- Demonstrated switch, router, firewall, and Cisco wireless knowledge; experience consistent with a CCNA certification
- Significant expertise in web content filtering; Cisco technologies preferred
- Expert experience with IDS/IPS solutions
- Proven expertise in VPN (site-to-site, client, and web-based)
- Working knowledge of authentication systems such as RADIUS and Cisco ACS
- Working knowledge of Web Proxy solutions
- Excellent skills in Web Application Firewalls
- Expert knowledge of best forensic practices for evidence collection of data from device and network assets
- Expert ability to design and integrate complex security solutions that improve the efficiency and security of the corporate network infrastructure
- Proven knowledge of high-performance, secure data center configuration and controls
- Fundamental knowledge of manufacturing systems, SCADA, and process control networks preferred
- Strong understanding of web application design, function, and secure software development lifecycles (SDLC) preferred
- Proven expertise in SSL certificates and Public Key Infrastructure
- Experience and willingness to be on-call
- Ability to handle sensitive and confidential information appropriately and securely
- Travel required: 15-20% of the year, domestic and international
- This position will be remote (work from home); however, the incumbent must be able to travel to manufacturing facilities globally for projects, when applicable.
- Incumbent must be physically able to perform essential job functions. Reasonable accommodations may be made to enable individuals with disabilities to perform essential job functions.