Overview
On Site
Depends on Experience
Contract - Independent
Contract - W2
Contract - 6 Month(s)
Skills
vulnerability management
patch management
crowdstrike
tenable.io
Job Details
Role: Senior SecOps Engineer
Location: Santa Clara, CA
Duration: 6 months Contract to Hire
Role Overview: We are hiring a skilled Senior SecOps Engineer to support the Security Operations team. This role will be responsible for managing enterprise vulnerabilities, patching, and cloud security.
Key Responsibilities:
- Vulnerability Management
  - Manage vulnerabilities across networks, endpoints, Azure cloud, and enterprise applications.
  - Perform full lifecycle vulnerability management using TenableOne - detect, prioritize, and remediate vulnerabilities (Zero-day, Critical, High, Medium, Low).
  - Assess vulnerabilities based on CVE impact, CVSS, and VPR scores.
  - Respond to zero-day vulnerabilities using CrowdStrike RTR for endpoint investigation and mitigation.
- Patch Management
  - Design and manage patching for Windows, Linux, cloud workloads, and endpoints using Automox or similar tools.
  - Develop automation scripts (PowerShell or Python) for deployment, validation, and rollback.
  - Collaborate with IAM, Systems Engineering, End User Services, NetOps, and Software Engineering teams to ensure complete patch compliance.
- Cloud Security & Threat Hunting
  - Manage Azure Cloud security posture using Defender for Cloud, Azure Security Center, and Azure Policy.
  - Perform threat hunting and incident response using Azure Sentinel and KQL queries.
- Governance, Reporting & Collaboration
  - Lead weekly Vulnerability & Patch Management (VMP) status meetings.
  - Prepare reports and dashboards covering vulnerability KPIs, MTTR, risk trends, patch compliance, and risk exposure.
- Team Involvement & Availability
  - Participate in daily SecOps standups, lead VMP weekly status meetings, and attend bi-weekly staffing meetings.
Required Qualifications:
- Minimum 5 years of experience in vulnerability and patch management in enterprise environments.
- Hands-on expertise with TenableOne.
- Experience with patch deployment using Automox or equivalent tools.
- Strong knowledge of CrowdStrike Falcon Complete and RTR scripting.
- Proficient in PowerShell and/or Python scripting.
- Proven ability to manage zero-day vulnerabilities and coordinate rapid remediation.
- Deep experience with Azure cloud security and threat detection using Azure Sentinel and KQL.
- Strong understanding of enterprise IT infrastructure: networking, servers, cloud, and endpoint security.
Preferred Qualifications:
- CISSP or equivalent cybersecurity certification.
- Experience with Infrastructure as Code (IaC) tools: Terraform, ARM templates, or Bicep.
- Azure Security Engineer Associate or CrowdStrike certification.
- Background in manufacturing or regulated industries.
- Familiarity with DevOps security tools such as Ansible, Chef, or Puppet.