Mid-Level Cyber Security Engineer

Position Overview:
We are seeking a Cyber Security Operations Engineer with a strong background in security operations threat detection and incident response.
The ideal candidate will have experience with advanced security technologies including SIEM SOAR EDR XDR NDR and more to help defend against cyber threats and ensure the security of our digital assets.
This role requires handson expertise with security tools such as McAfee ePO Antivirus EPP DLP and Data Classification technologies.As a Cyber Security Operations Engineer you will play a critical role in monitoring detecting and responding to security incidents working closely with other security teams and stakeholders to protect the organizations infrastructure.Key Responsibilities:
Security Monitoring & Incident Detection:
Monitor security alerts and data from various security platforms (e.g.
SIEM NDR EDR XDR) to detect and respond to potential threats.Utilize SIEM tools (e.g.
Splunk ArcSight QRadar) to aggregate analyze and correlate logs and events for threat detection and incident investigation.Incident Response & Mitigation:
Lead or participate in incident response activities including analysis containment eradication and recovery.Use SOAR platforms (e.g.
Demisto Phantom Swimlane) to automate and orchestrate incident response workflows.Investigate security incidents across endpoints networks and applications and provide recommendations for remediation.Threat Intelligence & Tuning:
Leverage threat intelligence feeds and integrate them with SIEM/XDR platforms to enhance detection capabilities.Continuously tune and optimize security tools to improve detection and response times minimizing false positives.Security Tool Management & Optimization:
Manage and finetune the configuration of security tools including McAfee ePO Antivirus EPP (Endpoint Protection Platform) and DLP (Data Loss Prevention) solutions.Support the implementation and maintenance of network and endpoint security solutions (EDR NDR XDR).Data Protection & Classification:
Ensure data security policies are enforced using Data Loss Prevention (DLP) tools and data classification frameworks.Implement and enforce best practices for protecting sensitive and confidential data adhering to internal and external compliance requirements.Vulnerability Management:
Work with vulnerability management teams to identify assess and remediate security weaknesses across the enterprise infrastructure.Conduct regular assessments to ensure endpoint protection and security tools are up to date and fully operational.Collaboration & Reporting:
Work closely with IT Network and Development teams to ensure security measures are incorporated into the infrastructure and applications.Provide regular reports to management on security incidents trends and improvements to the security posture.Security Awareness & Training:
Assist in creating and delivering security awareness training for employees ensuring that security protocols and best practices are understood and followed.Compliance & Documentation:
Maintain documentation of security incidents investigations and system configurations in accordance with compliance and audit standards.Assist in compliance efforts for relevant security frameworks and regulations (e.g.
GDPR HIPAA PCIDSS).RequirementsEducation:
Bachelor s degree in Computer Science Cybersecurity Information Technology or a related field or equivalent work experience.Required experience:
35 years of experience in security operations or a related field with handson experience using a variety of security technologies and tools.Technical Skills:
Security Tools:
Extensive experience with SIEM platforms (e.g.
Splunk QRadar ArcSight) SOAR (e.g.
Demisto FortiSoar) EDR (e.g.
CrowdStrike Cybereason Carbon Black) XDR NDR EPP DLP and Data Classification tools.Endpoint Security:
Familiarity with McAfee ePO Antivirus solutions and endpoint protection tools.Network Security:
Experience with network security technologies firewalls IDS/IPS and NDR platforms.Scripting & Automation:
Experience with scripting languages (e.g.
Python PowerShell) to automate security workflows and incident response processes.Threat Intelligence & Analysis:
Ability to consume and integrate threat intelligence into security operations tools.Cloud Security:
Familiarity with cloud platforms (AWS Azure GCP) and security considerations for cloud infrastructure.Certifications (Preferred):
Certified Information Systems Security Professional (CISSP)Certified Ethical Hacker (CEH)GIAC Security Operations Certified (GSOC)Certified Incident Handler (GCIH)CompTIA Security or equivalentKey Skills & Attributes:
Strong analytical skills with the ability to triage and investigate security events.Indepth understanding of security operations incident response and risk management.Strong troubleshooting skills and ability to think critically under pressure.Excellent communication skills including the ability to explain complex technical concepts to nontechnical stakeholders.Proactive and collaborative mindset able to work effectively across multiple teams.A deep understanding of emerging security threats and trends with a passion for continuous learning.
Education:
Bachelor s degree in Computer Science, Cybersecurity, Information Technology, or a related field, or equivalent work experience.
Required experience:
3-5 years of experience in security operations or a related field, with hands-on experience using a variety of security technologies and tools.
Technical Skills:
Extensive experience with SIEM platforms (e.g., Splunk, QRadar, ArcSight), SOAR (e.g., Demisto, FortiSoar), EDR (e.g., CrowdStrike, Cybereason, Carbon Black), XDR, NDR, EPP, DLP, and Data Classification tools.
Endpoint Security:
Familiarity with McAfee ePO, Antivirus solutions, and endpoint protection tools.
Network Security:
Experience with network security technologies, firewalls, IDS/IPS, and NDR platforms.
Scripting & Automation:
Experience with scripting languages (e.g., Python, PowerShell) to automate security workflows and incident response processes.
Threat Intelligence & Analysis:
Ability to consume and integrate threat intelligence into security operations tools.
Cloud Security:
Familiarity with cloud platforms (AWS, Azure, GCP) and security considerations for cloud infrastructure.
Certifications (Preferred):
Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) GIAC Security Operations Certified (GSOC) Certified Incident Handler (GCIH) CompTIA Security+ or equivalent Key Skills & Attributes:
Strong analytical skills with the ability to triage and investigate security events.
In-depth understanding of security operations, incident response, and risk management.
Strong troubleshooting skills and ability to think critically under pressure.
Excellent communication skills, including the ability to explain complex technical concepts to non-technical stakeholders.
Proactive and collaborative mindset, able to work effectively across multiple teams.
A deep understanding of emerging security threats and trends, with a passion for continuous learning.