
Sr. IT Security Ops Engineer (Hybrid)
ISACA, New York, NY, United States
We are seeking a Senior IT Security Ops Engineer to join our team.
In this role, you will manage and oversee responses to security incidents, conduct investigations, analyze evidence and provide recommendations for remediation and improvement in the Lakeshore Learning Materials environment. The position also requires developing and maintaining Security Incident Response policies, procedures and best practices. Applicants should have at least seven years of experience in security incident response, forensics or threat intelligence. The ideal candidate also possesses certifications such as CISSP, GCIH, GCFA or CISM.
A day on the job looks like this:
Overseeing the response to security incidents from identification through resolution; preparing and delivering incident reports, briefings and lessons learned to internal and external audiences
Conducting forensic analysis, threat hunting and root‑cause analysis related to security incidents
Training and mentoring other Information Security Analysts, providing feedback and guidance to help solve new or complex problems
Identifying areas to improve Information Security monitoring and detection capabilities; monitoring and analyzing emerging threats, vulnerabilities and exploits
Developing and implementing scalable preventative security measures, including detection, monitoring and exploitation prevention
Developing and delivering cybersecurity awareness training programs for employees, educating them on current threats and best practices
Configuring alerting and automation within endpoint protection, incident detection and vulnerability management tools
Helping plan, organize and conduct quarterly tabletop exercises to prepare the organization for security incidents
Qualifications:
Bachelor’s degree in computer science, cybersecurity or a related field, or equivalent work experience
At least 7 years of experience in security incident response, forensics or threat intelligence
Proficiency with Security Incident Response tools and platforms, such as SIEM, EDR, SOAR and IRM
Experience working with cloud‑based environments such as AWS, Azure or GCP
Strong knowledge of security frameworks, standards and best practices, including NIST, ISO and MITRE
Ability to design security‑relevant infrastructure as code (IaC)
Preferred:
Certifications such as CISSP, GCIH, GCFA or CISM
Hands‑on experience assessing, implementing and managing third‑party and cloud service provider security tools and services, such as Endpoint Protection Platforms (EPP), firewall and network security tools, intrusion detection and prevention systems (IDS/IPS), vulnerability management tools, web application firewalls (WAF), and identity and access management (IAM)
Familiarity with advanced Microsoft Office features for data analysis and presentation of findings
Demonstrated scripting capabilities with modern languages such as Python
Programming experience using languages such as Bash, PowerShell and Python