Job Title: Security Operations Engineer

Job Description

We are seeking a Security Operations Engineer who will be responsible for monitoring, triaging, and investigating security threats across our systems and networks. This role will involve continuously improving cybersecurity detection and response operations, contributing to our Security Operations knowledge base, and participating in incident response and escalations.

Responsibilities

• Monitor, triage, and investigate security threats across systems and networks.
• Help continuously improve cybersecurity detection and response operations.
• Contribute to Security Operations knowledge base materials (playbooks, runbooks, etc.).
• Track Security Operations KPIs.
• Participate in on-call rotation for incident response and escalations.

Essential Skills

• Experience working in a Security Operations program.
• Familiarity with Cloud Security (AWS).
• Experience triaging and investigating cybersecurity alerts.
• Experience with SIEM, EDR, and log analysis.
• Python programming.
• Exceptional communication and stakeholder management skills.

Additional Skills & Qualifications

• SIEM correlation rule tuning and lifecycle management.
• Experience conducting training and mentoring for Security Operations and Incident Response.
• Experience with infrastructure-as-code.
• Metrics/Data Analytics experience.
• Experience aligning Security Operations with industry standards including NIST, SOC2, and ISO.

Work Environment

Preferred to sit in the Pittsburgh office but can be 100% remote. The team focuses on building, testing, and maintaining threat detection controls, operating and maintaining a mature Security Operations program, and leading investigations of cybersecurity events.