Key Skills: DLP, SIEM, IDS, EDR, Unix/Linux/Windows
Job Description
An experienced Data Loss Prevention (DLP) specialist to join our global cyber security operations and incident response team. The DLP-focused Cybersecurity Operations and Incident Response Engineer is a critical member of the team, providing subject matter expertise in the detection, alerting, and investigation of DLP incidents. Successful candidates will have a strong background in DLP analytics, investigation, and incident management.
Key Responsibilities:
· Review and manage DLP alerts.
· Conducts DLP event investigations and provides escalation management.
· Identifies DLP ruleset tuning opportunities and communicates the recommendations.
· Understand technology infrastructure and operational processes in order to enable a more effective response process.
· Creates operational runbooks and response processes and procedures.
· Effectively investigate and conduct root cause analysis, identifying indicators of attack or compromise and attack vectors.
· Deliver verbal and written reports as needed.
· Participates in on-call rotation (including weekends) to ensure continuous operations.
· Participates in internal incident response exercises and drills.
Experience and Educational Requirements:
· 5+ years’ experience in areas of DLP, data classification, and/or data protection.
· OC, DLP, Incident Response Engineer
· Hands-on experience with SIEM, IDS/IPS, EDR, and other security technologies.
· Experience with Unix/Linux/Windows Operating Systems.
· Working knowledge of Shell/Bash/Python.
· Excellent written and verbal communication skills, with experience presenting technical information to both technical and non-technical audiences.
· Bachelor’s Degree in Cybersecurity, Risk Analysis, Computer Science, Information Systems or other related field, or equivalent work experience
Any Graduate