Security Operations Engineer

BioSpace, Rockville, Maryland, US 20849


Brief Job Overview

The Security Operations Engineer safeguards USP enterprise systems and data to advance our global public health mission. You will lead enterprise incident response and continuous monitoring while elevating our defense posture through expert use of EDR platforms, multifactor authentication, web filtering, and a modern SIEM, including onboarding new log sources and evolving threat models.

You will coordinate with internal teams, MSSPs, and law enforcement, sustain 24x7 operational readiness, and execute investigations, forensics, triage, and timely remediation that reduce risk. You will deliver clear metrics and after-action reviews, maintain mappings to the MITRE ATT&CK framework and related models, and inform policies, standards, and playbooks that strengthen resilience across the enterprise.

How will you create impact here at USP?

As part of our mission to advance scientific rigor and public health standards, you will play a vital role in increasing global access to high-quality medicines through public standards and related programs.

Additionally, USP’s People and Culture division invests in leadership and workforce development to equip all employees with the skills to create high-performing, inclusive teams.

Responsibilities

Direct and enable enterprise technicians to resolve cyber defense incidents by correlating data to pinpoint vulnerabilities and drive rapid remediation.

Provide in-depth on-site and remote guidance on EDR platforms such as Carbon Black and CrowdStrike.

Administer and support multifactor authentication in Microsoft Entra ID for all users.

Administer and support Zscaler web filtering and proxy services for secure internet access.

Sustain mission-critical operations around the clock with high availability and responsiveness.

Coordinate work with managed security service providers and professional services.

Maintain current knowledge of adversary tactics, techniques and procedures (TTPs) and apply this intelligence to improve defenses.

Diagnose and resolve issues with log ingestion, parsing and SIEM configuration to preserve detection fidelity.

Maintain internal knowledge bases, including mappings of detections to MITRE ATT&CK techniques and to related attack models such as the cyber kill chain.

Develop and refine SOC standard operating procedures and processes for consistent execution.

Detect and respond to incidents across workstations, servers and networks using SIEM behavioral analytics and network analysis.

Analyze logs from diverse sources to identify and prioritize threats to network security.

Validate incidents and perform triage to determine scope, urgency and impact; identify vulnerabilities and recommend remediation.

Execute real-time incident handling including forensic collection, intrusion correlation, tracking, threat analysis and direct system remediation.

Analyze multi-source network alerts to identify root cause and business risk.

Track and document incidents from initial detection through final resolution with clear ownership and accountability.

Apply established defense-in-depth principles including layered controls and security robustness.

Produce trend analysis and reporting; monitor external intelligence sources to assess emerging threats; write and publish after-action reviews.

Gather and analyze inputs to define requirements and support the development and update of policies, standards and procedures.

Partner across diverse cross-functional teams to solve complex problems with broad business impact.

Provide clear updates to management on security incidents and lead the investigation documentation and reporting of forensic findings.

Qualifications

Bachelor's degree in Computer Science, Information Security, or related field with at least 3 years of experience in information security operations, or 5 years of equivalent experience.

Hands-on experience in incident identification and triage, full-lifecycle incident response, technical liaison, report drafting and multi-source log correlation.

Proven experience configuring and deploying endpoint detection and response platforms such as Carbon Black and CrowdStrike.

Proven experience configuring and deploying Zscaler web filtering and proxy solutions.

Proven experience administering Microsoft Entra ID including multifactor authentication.

Demonstrated application of incident response methodologies and best practices.

Experience operating a SIEM with ability to create and tune threat detection rules.

Familiarity with open-source intelligence feeds and their operational use.

Strong knowledge of Windows and Linux operating systems.

Proficiency with scripting languages such as Python or PowerShell.

Strong understanding of network protocols, web servers, authentication mechanisms, antivirus and server applications.

Track record of executing effectively under pressure.

Ability to perform independent analysis, distill findings, determine root cause and recommend remediation.

Excellent written and verbal communication skills with the ability to simplify complex concepts.

Ability to listen, integrate diverse perspectives, build and maintain respectful relationships, collaborate across teams and resolve conflicts constructively.

Ability to lead and influence without formal authority through collaboration, coordination and self-motivation within an inclusive environment.

Desired Preferences

Cloud security and incident response across AWS and Azure using native controls such as Defender for Cloud, GuardDuty, and CloudTrail.

Endpoint security expertise with Carbon Black, CrowdStrike, and Microsoft Defender for Endpoint.

Network and host forensics using tools such as Suricata, Wireshark, Zeek and tcpdump (including PCAP analysis), Sysmon and OSSEC.

SIEM and log engineering with Splunk or Elastic, including data onboarding, parsing and normalization, and tuning analytics and playbooks.

Identity and access security with Microsoft Entra ID, multifactor authentication, conditional access, and secure access service edge (SASE) solutions.

Scripting and automation with Python or PowerShell to integrate tools and improve response times.

Supervisory Responsibilities

None; this is an individual contributor role.

Benefits

USP provides the benefits to protect yourself and your family today and tomorrow. From company-paid time off and comprehensive healthcare options to retirement savings, you can have peace of mind that your personal and financial well-being is protected.

Compensation

Base Salary Range: USD $87,200.00 – $113,450.00 annually.

Target Annual Bonus: varies based on level of role.

Equal Opportunity Employer

USP is an equal employment opportunity employer (EEO/EOE) and is committed to ensuring fair, merit-based selection processes that enable the best scientific minds to contribute to advancing public health solutions worldwide. We provide reasonable accommodations to individuals with disabilities and uphold policies that create an inclusive and collaborative work environment.

Job Category: Information Technology

Job Type: Full-Time
