
Security Operations Engineer - Remote

Jobs via Dice, Jersey City, New Jersey, United States, 07390


Location: Remote

Duration: 6-12 months

We are looking for a Security Operations Engineer to join our cybersecurity team and help protect the organization's infrastructure, applications, and data from cyber threats.

Key Responsibilities

Security Monitoring & Detection

Monitor and analyze alerts from SIEM and other security tools (e.g., Splunk, QRadar, Sentinel, Elastic Security).

Investigate suspicious activity, anomalies, and security incidents across networks, systems, and applications.

Tune security tools and correlation rules to improve detection capabilities and reduce false positives.

Incident Response & Investigation

Serve as the first responder to security incidents – triaging alerts, performing root‑cause analysis, and documenting findings.

Coordinate incident response efforts with internal teams and, when necessary, external partners.

Preserve digital evidence and maintain chain‑of‑custody documentation for potential legal or compliance requirements.

Security Tool Administration & Automation

Deploy, configure, and maintain security tools such as EDR/XDR, IDS/IPS, firewalls, vulnerability scanners, and log management systems.

Automate detection and response workflows using SOAR platforms or scripting languages (Python, PowerShell, Bash).

Maintain playbooks and runbooks for common incident scenarios.

Vulnerability & Patch Management

Work with IT and DevOps teams to identify, prioritize, and remediate vulnerabilities.

Schedule and oversee regular vulnerability scans (e.g., Tenable, Qualys, Rapid7).

Track and report on remediation progress and SLA adherence.

Threat Intelligence & Continuous Improvement

Leverage threat intelligence feeds to proactively identify and defend against emerging threats.

Conduct post‑incident reviews to identify lessons learned and improve future responses.

Participate in red team/blue team exercises and security drills.

Qualifications

Bachelor's degree in Cybersecurity, Computer Science, or related field (or equivalent experience).

8+ years of experience in security operations, SOC, or incident response.

Strong knowledge of network protocols, operating systems (Windows, Linux, macOS), and cloud platforms (AWS, Azure, Google Cloud Platform).

Proficiency with SIEM tools and log analysis techniques.

Understanding of common attacker tactics, techniques, and procedures (MITRE ATT&CK framework).

Experience with endpoint security, intrusion detection, and vulnerability management tools.

Hands‑on scripting and automation skills (Python, PowerShell, or Bash).

Preferred Qualifications

Security certifications such as GCIH, GCIA, GCFA, CEH, Security+, or CISSP.

Familiarity with container security (Docker, Kubernetes) and IaC scanning.

Exposure to compliance requirements (e.g., PCI DSS, HIPAA, ISO 27001).

Key Competencies

Strong analytical, troubleshooting, and decision‑making skills.

Ability to work under pressure in fast‑paced, high‑stakes security incidents.

Clear communication skills—both written and verbal.

Collaborative mindset and ability to work cross‑functionally with IT, DevOps, and business teams.

Performance Metrics

Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) improvements.

Reduction in repeated incidents from the same root cause.

Efficiency and accuracy of security monitoring and response.

Uptime and reliability of security tools and monitoring infrastructure.
