SECOPS Engineer

Job Summary:

Our client is seeking a SECOPS Engineer who manages and leads the resolution of high or critical severity incidents, ensuring efficient and effective responses through the development of customized automation scripts. This is a hybrid role located in Milwaukee, WI!

Duties:

• Work closely with and advise on security best practices for Cloud, Infrastructure, Developers and Data Analysts to ensure security is implemented by design
• Design and implement technical security controls
• Conduct security review and audit of Cloud, SaaS, Network, AI environments to identify and mitigate potential security risks
• Develop and implement security automation workflows using scripting languages and/or automation tooling such as Torq, Tines, etc.
• Provide seniority and oversight for a SOC shift as needed
• Conduct complex investigations and providing advice to other Security Analysts
• Manage and lead High or Critical severity incident resolution
• Develop customized scripts or procedures to automate the repetitive tasks and improve the efficiency of incident response activities
• Provide expert advice on remediation and recovery efforts and develop threat remediation strategies
• Perform proactive analysis of the attack surface and advising on potential threats and attack vectors
• Provide feedback on security control capability gaps based on security intrusion trends. Stay abreast of the latest cyber security trends and developments
• Assist in developing, coordinating, and implementing SOC documentation
• Provide input to SOC operation metrics and reports
• Work closely with Security Engineering and Architecture

Desired Skills/Experience:

• Bachelor’s or Master’s Degree in Computer Science, Engineering, Information Security or extensive professional experience considered in place of a Bachelor's degree
• 5+ years of professional experience in SOC operations and/or incident response
• Understanding of technologies and solutions utilized in cybersecurity and networks (SIEM, SOAR, Firewalls, IAM, IDS/IPS, End Point Protection, Threat Management/Intelligence)
• Expertise in Cloud security such as AWS, GuardDuty, CloudTrail, Lambda, GCP, GCP Cloud Audit, Cloud Security Command Center, Log Explorer, GKE Logs, Kubernetes
• Understanding of API security: REST, SOAP, OAuth, API Keys/Tokens, API Gateway
• Familiarity with security frameworks, standards, and guidelines
• Knowledge of current hacking techniques, vulnerability disclosures, data breach incidents, and security analysis techniques
• Ability to work with complex problems where analysis of situations or data requires an in-depth evaluation of variable factors
• Excellent troubleshooting and problem-solving skills
• Experience in SOC documentation development
• Full professional proficiency in English, especially in technical writing and oral communications
• Strong communication skills and the ability to work with various stakeholders
• Demonstrated integrity in a professional environment
• Excellent troubleshooting and problem-solving skills
• Strong attention to detail and an eye for consistency
• Ability to work in a fast-paced, multi-team environment
• Fast learning, willingness to self-development and constantly expanding knowledge

Benefits:

• Medical, Dental, & Vision Insurance Plans
• 401K offered