Cyber Security Operations Engineer

Work Schedule - 8am-5pm (Hybrid, 1 - 2 day a week in office)

Description:

What you will be doing:

As a Cyber Security Operations Engineer II you will play a pivotal role in our organization's cybersecurity efforts. You will be responsible for executing complex cyber security operations and Incident Response initiatives to safeguard our systems and networks against advanced threats. Working closely with cross-functional teams, you will provide expert-level guidance to junior analysts and other teams within the organization.

Primary duties and responsibilities:

• Operating enterprise security services such as continuous cyber security operations, incident response, cyber monitoring, threat hunting, or digital forensics.
• Using security tools and resources to correlate suspicious events, providing context around the event, determine root cause and provide regular updates and recommending modifications to existing systems and procedures.
• Performing analysis on collection of cyber threats using high-level proactive and reactive threat hunting methods.
• Ensuring that security controls are developed, managed, and maintained.
• Supporting Incident Response efforts.
• Conducting business impact analysis to ensure resources are adequately protected with proper security measures.
• Assessing threats regarding information assets and recommending the appropriate information security controls and measures.
• Actively supporting junior analysts with security event monitoring to uncover potential security violations (e.g., breaches, unauthorized activity).
• Participating in on-call rotation (including weekends) to ensure continuous operations.
• Participating in internal incident response exercises and drills.

Experience, Skills and Educational Requirements:

Must have:

• A Degree in Cybersecurity, Risk Analysis, Computer Science, Information Systems or other related field, or equivalent work experience.
• 2-4 years of combined IT and cybersecurity work experience.
• Hands-on experience performing cyber security investigations with the following security tool categories: SIEM, EDR, Email Security Gateway, with primary focus on CrowdStrike Falcon XDR.
• Understanding of cyber security industry frameworks (e.g., MITRE ATT&CK, D3FEND, NIST, Cyber Kill Chain, etc.).
• Good written communication skills, with a focus on translating technically complex issues into simple, easy-to-understand concepts in English.
• Experience in supporting major incident response activities.
• Experience in supporting detection and response for EDR tools.

Nice to have:

• Fluency in other languages i.e., Turkish; Spanish; French; Lithuanian.
• Security certification (i.e., CompTIA Security+, CompTIA CySA+, EC-Council CEH) or equivalent.
• Expertise in one or more of the following functional areas: Digital Forensics, Threat Hunting.
• Experience in Python, PowerShell, Bash, or any other scripting language.
• Prior experience in developing detection rules and SOAR playbooks.