Security Operations Engineer
- Job Title
- Security Operations Engineer
- Job ID
- Southfield, MI
- Other Location
Who We Are:
Conexess is a full-service staffing firm offering contract, contract-to-hire, and direct placements. We have a wide range of recruiting capabilities extending from help desk technicians to CIOs. We are also capable of offering project-based work.
Conexess is looking for a highly motivated Information Security professional to fulfill the Security Operations Engineer role within the Information Security Team. This position will provide technical expertise and protection of assets by reviewing, analyzing, and implementing security controls, functions, and processes within the enterprise to support the overall information security program and other security initiatives. This position will consult with other IT staff and non-IT departments on security issues and requirements to support the security team’s projects, initiatives, and operational responsibilities. This position may also serve as a backup to other critical security positions as necessary.
The Security Operations Engineer is a full-time role located in Southfield, Michigan and reports to the Chief Information Security Officer, working in the Security Operations Center, which provides cyber defense of information assets and manages physical security controls. This role will focus on maturing the physical security program. This will involve continual improvement of processes, procedures, and controls that are in place to protect our global facilities. The role will also provide support to cyber defense responsibilities including, but not limited to, security monitoring, incident response, malware prevention, data loss prevention, and threat intelligence and analysis. This position may be contract-to-hire.
- Coordinate and assist vendors and contractors with implementing and supporting physical security controls for office modifications and new builds
- Work with office managers to improve security processes and procedures
- Administer information security controls and software such as endpoint protection, endpoint detection and response, intrusion detection/prevention (IDS/IPS), security incident and event management (SIEM), data loss prevention (DLP), and physical security systems
- Respond to, investigate, and analyze security events to determine appropriate actions
- Analyze security system logs, security tools, and available data sources on a regular basis to identify attacks against the enterprise; report on any irregularities, issues related to improper access patterns, trending, and event correlations; and make suggestions for detection rules and system tuning
- Gather information from other IT staff and non-IT staff regarding security problems affecting networks, servers, endpoints, and applications
- Perform incident response activities and ensure that proper protection or corrective measures have been taken when an incident has been discovered
- Stay current on security industry trends, new threats and attack techniques, mitigation techniques, and emerging security technologies
- Provide insight and participate in security projects to evaluate and recommend security products for various applications and platforms throughout the organization while supporting business initiatives
- Assist with the development and maintenance of, and training on, technical documentation and Standard Operating Procedures (SOP)
- Successfully manage multiple priorities and deadlines
- Improve security efficiency and streamline/automate work processes while working collaboratively with other team members and IT staff to accomplish objectives
- Participate, as needed, in critical incidents and implementation reviews
Qualifications / Requirements:
- Highly motivated to work in information security
- 2-6 years of Information Technology experience
- Experience working in Security Operations is preferred
- Bachelor’s degree in Information Technology or related field preferred; work experience and background will be considered in lieu of formal education
- Desire to continuously improve processes and procedures to help build and maintain a high performing team
- Experience integrating security tools through scripting, using APIs, and improving existing processes through automated methods is a plus
- Experience with physical security technology such as door access and badging systems is a plus
- Experience with a Security Incident and Event Management (SIEM) tool is a plus
- Experience with Endpoint Security tools is a plus
- Incident Response, Forensics, and Malware Analysis experience is a plus
- System administration and security hardening experience is a plus
- Ability to work well as an individual and as part of a team
- Excellent written and oral communication skills, interpersonal skills, and effective skills to support security programs. Must be able to provide formal reports and presentations as required.
- Must give attention to detail and possess the ability to prioritize tasks so work is completed in an accurate, timely manner.
- Strong knowledge of information systems security concepts and current information security trends and practices.
- Working knowledge of infrastructure security tools such as firewalls, network security monitoring, anti-malware, OS hardening, etc.
- Proven project management and organizational skills
- Security Certifications such as the following are a plus:
  - CompTIA Security+ (Sec+)
  - CompTIA Advanced Security Practitioner (CASP)
  - GIAC Information Security Fundamentals (GISF)
  - GIAC Security Essentials (GSEC)
  - GIAC Certified Enterprise Defender (GCED)
  - GIAC Certified Incident Handler (GCIH)
  - GIAC Certified Intrusion Analyst (GCIA)