Senior Incident Response & SOC Engineer
TripActions is looking for an experienced SOC Operations Engineer with experience in the daily monitoring, analyzing, and upkeep of an enterprise security operations system. The engineer will be a close partner with Security, SRE and IT teams. They will review security related events, identify incidents, and manage security incidents to completion. The engineer will have direct interactions with corporate employees across the global organization and need to be self-directed to finalize incident remediation.
In addition to the performance of respective responsibilities, they’ll execute on the following:
- Perform quality work within deadlines with or without direct supervision
- Interact professionally with other employees, customers, and providers
- Work effectively as a team contributor on all assignments
- Work independently while understanding the necessity for communicating and coordinating work efforts cross-functionally
Job Requirements
- Aid in the setup and deployment of SIEM tools
- Build and maintain existing SIEM rules according to business needs
- Work cross-functionally with multiple teams and service owners to drive remediation efforts to completion within designated SLAs
- Monitor SIEM and logging tools to identify security incidents
- Provide recommendations and specific remediation instructions for security issues
- Document events as related to security investigations
- Stay abreast of the latest cyber security related news, trends, campaigns, and disclosures
- Perform other related duties as required or assigned
- Very strong detail orientation; ability to maintain focus
- Excellent organizational and time management skills; prioritization and deadlines
- Ability to multitask and manage multiple projects/priorities daily
This role has no supervisory responsibilities. However, as a senior contributor, you will be expected to train, mentor, and share knowledge with fellow teammates.
Minimum Qualifications
- 4+ years of security operations experience
- Experience with major operating systems, including Linux, OSX, and Windows
- Strong familiarity with server and endpoint operating systems, cloud provider ecosystems, and traditional networked environments
- Knowledge of incident response workflows and best practices
- Professional certifications such as GIAC, CISSP, or any other equivalent certification as related to the job description