Senior Operations Engineer Information Security - Switch4 LLC
New York, NY 10032
About the Job
Location: New York City, NY
Job Type: Full Time/Permanent
Position Summary
The Senior Security Operations Engineer operates and maintains the team's portfolio of vulnerability management, automation, and authentication tools. Additional tasks include forensic recovery/support, event management, spam investigation, incident response, threat feed management, penetration testing, proactive defense, and security event management. This role will focus heavily on operational and strategic level tasks, provide counsel and guidance to junior security engineers, and guide other departments in improving their security posture. The Senior Engineer will also serve in an architectural capacity, providing information and planning for new technology and policy deployments.
Essential Job Duties
- Responsible for daily duties associated with the Security Operations team, including extending services to all campuses and regional affiliates.
- Implement and support the SIEM tool, including integrating data sources and applicable monitoring agents.
- Implement and support the scanning platform, vulnerability attack platform, privileged account management solution, and other discovery tools.
- Perform penetration testing on all managed systems and generate reports to help remediate security findings.
- Implement and support the Security Event Management platform, including correlation and automation capabilities for security functions.
- Implement and support web security platforms, threat prevention systems, and other network-based sensors as required.
- Review daily threat feeds, host alarms, cloud-based reporting, and similar information to proactively mitigate threats.
- Engage in threat hunting to actively search for and identify undetected cyber threats.
- Collect and disseminate reports, metrics, and other indicators related to vulnerability management functions.
- Detonate malware in a test lab and interact with the EDR platform.
- Perform password testing and cracking using various tools like Ophcrack.
- Configure Data Loss Prevention (DLP) systems and tune rules for Exact Data Matching (EDM).
- Partner with the Security Engineering, Risk Management, and Security Operations Center teams to provide critical development and automation tasks.
- Collaborate with the Event and Incident Management team to take security event intelligence and produce actionable alarming for proactive security incident management.
- Develop test plans, test data, and schedules; conduct unit and system tests to verify results.
- Install and perform in-house and vendor updates in a timely and efficient manner in accordance with IS change control standards and procedures.
- Work across multiple phases of systems and applications analysis, considering the business implications of technology applications.
- Occasional on-site presence may be required; should live within a commutable distance. No relocation assistance available.
Required Qualifications
- Bachelor's degree in a technical or engineering discipline, or equivalent experience.
- At least 6 years of technical experience in an IT-related field.
- Exposure to SIEM tools such as Splunk.
- Knowledge of Data Loss Prevention systems and safeguarding sensitive data.
- Extensive systems and network engineering experience related to Windows OS, macOS, and Linux/Unix OS.
- Extensive experience using the Kali Linux platform and toolsets.
- Knowledge and experience with vulnerability management platforms such as Nexpose, Tenable, Qualys, etc.
- Knowledge and experience with network security platforms, including SIEM, firewalls, intrusion detection and prevention, web proxies, internet content filtering, and EDR/XDR.
- Knowledge of cryptography, encryption products, data loss prevention, and mobile device management.
- Strong organizational skills to prioritize work/life balance and lead complex projects.
- Strong interpersonal skills with the ability to interact with customers, senior personnel, subordinates, and team members.
- Strong leadership skills to guide peer business partners with vulnerability remediation.
Preferred Qualifications
- CISSP
- CEH
- OSCP
- Functional and practical experience with scripting and automation techniques