Information Security Operations Engineer

Arizona City, Arizona

Connect Tech+Talent
Job Description

Hybrid (2 days onsite) - Walnut Creek, CA or Phoenix, AZ
Contract

Overview:
We are seeking a skilled and experienced Information Security Operations Engineer to join our dynamic and innovative security operations team. The Information Security Operations Engineer will support the implementation and maintenance of the security monitoring and alerting tools necessary to protect our organization's systems, networks, and data from potential threats. The ideal candidate will have a good mix of hands-on technical knowledge and previous experience in security operations, incident response, security risk mitigation, and security practices. The individual should be proactive, organized, analytical, detail-oriented and persistent.

Security Operations is one of the critical business support responsibilities for the Information Security team. We provide insights regarding threats the company faces and quickly respond to and recover from potential cyber events or incidents. It is important for this individual to understand that cyber threat actors are targeting the maritime industry, and that we must stay vigilant and be ready to respond in a manner that will limit the impact and allow for quick recovery.

Technical Requirements/Competencies:

• Information security operations analytical skills, such as those commonly handled by a Security Operations Center (SOC), including SOC Tier 2 level skills

• Knowledge of network security protocols, tools, and technologies (BGP, TCP/IP layers, DNS, SMTP, SSL, etc.)

• Understanding of network and system architecture, including cloud-based environments (AWS, Azure)

• Experience and knowledge of network firewalls, network monitoring tools and other IDS/IPS

• Experience with security incident response and handling techniques

• Proficiency in using SIEM tools for log analysis and correlation

• Familiarity with vulnerability management tools and processes

• Technical knowledge in system and network security, authentication and security protocols, and application security

• Understanding of web technologies - protocols, programming techniques, browsers, etc.

• Familiarity with common tools such as Splunk, Microsoft Defender, Proofpoint, Office 365, PowerShell, and various network tools

• Experience in distributed systems and cloud-based architecture including Amazon AWS, Microsoft Azure, and the native security tools available in these environments (Data Explorer, GuardDuty, Log Analytics, etc.)

• Familiarity with Unix/Linux, Windows, SQL, macOS, shell scripting, and various other technologies

• Security research and root cause analysis skills to identify and analyze potential security vulnerabilities

• Professional written and verbal communication that includes the capability to translate highly technical material to communicate with executives

• Ability to work effectively both independently and in a team environment

• Understanding of web vulnerabilities and weaknesses (cross-site scripting, cross-site request forgery, etc.)

• Problem solving skills

• Collaborative with the ability to influence and work with many internal stakeholders

• Customer service experience/customer focus to analyze customer reported security issues

• Ability to multi-task in a fast-paced environment

• May be required to lift equipment weighing up to fifty (50) pounds

QUALIFICATIONS, EDUCATION AND EXPERIENCE

• Minimum of 2 years of hands-on experience in security operations, incident response, or a similar role

• Bachelor's degree in Computer Science, Information Security, or a related field is a plus

• Certifications are a plus - GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), etc.
Date Posted: 19 May 2025