Job Description

Job Title

Information Security Operations Engineer

Summary

Selected Candidate works within the Security Operations Center to improve, tune, and enhance security alerts, responses, and remediation of detected issues The engineer will also work within the Incident Management process to remove threats and vulnerabilities within the organization. This role collaborates with other Information Security and IT Operational teams to maintain a secure environment and incident response capabilities. As part of the Global Security Operations Center team, he/she should be responsible for improving security operations and monitoring security events in EDR, permitter scanning, threat detection, preventative advanced threat hunting, across all security tools. This job requires Flexibility of working in 24/7 rotational shifts which includes night shift and weekends.

Serves as the regional point of contact for security escalations/requests and escalates requests to Security architecture as needed. Responsible for the identification and assessment of enterprise risks. Identifies, evaluates, and tests appropriate security products, tools, and systems to ensure alignment with the CushWake global security posture Articulates security policies, guidelines and standards to customers and developers. Able to apply theories, concepts, principles, and methodologies to difficult but conventional assignments. Assignments are given in terms of objectives to be met. Works independently within an established framework. Develop techniques and procedures for conducting IS and cyber security risk assessments and compliance audits, the evaluation and testing of hardware, firmware, and software for possible impact on system security, and the investigation and resolution of security incidents. Implement IS and cyber security policies and take measures against intrusion, frauds, attacks, or leaks. Continue to build knowledge of the organization, processes, and customers. Performs a range of straightforward assignments. Use prescribed guidelines or policies to analyze and resolve problems. Receives a moderate level of guidance and direction Partners with Security Architecture on critical scope delivery Reviews security INC(s) to ensure proper processes have been followed and to identify additional IoA(s)/IoC(s). Perform proactive threat hunting using hypothesis, and telemetry from endpoints, identities, cloud and network to identify malicious activity, abnormal behaviors, and emerging attacker techniques. Serves as the security stakeholder for IR/MIM activities until Security Architecture and/or senior leadership can engage.



INCO: "Cushman & Wakefield"