Security Operations Specialist

About the Role

Requirements

• 4+ years experience in Incident Response or Cyber Security Operations Center creating, escalating, and managing security incidents and reports
• Experience managing low to high risk cybersecurity events, event monitoring, analysis, and escalation of IT/DevOps security events
• Experience collaborating with stakeholders to drive incident response and remediation
• Experience developing runbooks for frequent or critical incident types
• 3+ years working with security tools such as SIEM, analytics and intelligence, intrusion detection, malware detection, data loss protection, and identity and access management
• Solid understanding of system and security controls on at least two OSs including Windows, Linux/Unix, and MacOS; experience with host based forensics and analyzing OS artifacts
• Excellent communication skills and ability to work collaboratively with other teams
• Problem solving mindset and growth orientation
• Bachelor's degree in Computer Science, Information Technology, or related field (preferred)
• Familiarity with cloud services, Kubernetes, and major cloud providers (AWS, GCP, Azure) (preferred)

Responsibilities

• Investigate alerts, triage, and define remediation plans
• Perform host based analysis, artifact analysis, and malware analysis
• Coordinate investigation, containment, and response activities with stakeholders
• Develop incident analysis and findings reports with gap identification and recommendations
• Recommend or develop detection logic and tune security sensors and controls
• Assess security solutions for detection and mitigation capabilities
• Create custom SIEM queries and dashboards to detect advanced TTPs
• Provide occasional weekend and on call support

Skills