SecOps Engineer

ControlUp is the market leader in IT Monitoring, Self-healing and Analyzing virtual environments, creating solutions that save IT organizations time, money, and stress. We are seeking a SecOps Engineer which will design, implement and maintain our security operations. As the name of the role suggests, a SecOps engineer will need to have a combination of SecOps capabilities with an Automation orientation. Responsibilities will include establishing and maintaining a variety of security controls, alert triage, incident handling, and finding and remediate security issues in our environments. As a SecOps Engineer at ControlUp, you’ll have a direct impact on protecting all network environments of ControlUp from cyber attacks. This will be achieved by constant development and maintenance of various security technological controls, monitoring and assessing risk, and protecting corporate assets.

Responsibilities:

• Establishing IT Security projects from inception to execution including maintenance.
• Troubleshooting issues to identify root causes and prevent recurrence in Linux and Windows and MacOs environments
• A passion and talent for aligning security architecture, plans, controls, processes, policies and procedures with security standards and operational goals.
• Create, optimize, maintain and document security content on security platforms.
• Design new detection techniques and improve current capabilities.
• Identify gaps within existing security tools and recommend additional mitigations.
• Experience developing and testing security architectures of cloud-based systems.
• Analyze security logs, monitoring logs, firewall logs, intrusion prevention system logs, and network and correlate logs using numerous database query techniques and tools.
• Demonstrated experience working with network, host, and user activity data, assessing norms and identifying anomalies.
• Drive onboarding of new logs into SIEM/Log collection tools and create a process to baseline and normalize log data across corporate networks.

Requirements:

• 3+ years in Cyber Security Operations or equivalent experience.
• Strong understanding of information security principles and practices (confidentiality, integrity, availability)
• Proficiency in security monitoring tools and technologies (SIEM, EDR, SOAR, etc.)
• Experience managing and securing Active Directory environments
• Experience with security incident detection, analysis, response, and remediation processes
• Hands-on skills with security data sources (logs, network traffic, endpoints, etc.)
• Working knowledge of cloud security (AWS, Azure) and virtualization concepts
• Experience with vulnerability management and patch management processes
• Programming and scripting abilities (Python, PowerShell, Bash) for security automation
• Ability to collaborate cross-functionally with IT, DevOps, and business teams
• Experience configuring, managing and analyzing firewall policies and rules
• Knowledge of Privileged Access Management Solutions - advantage.
• Drive for continuous learning to keep up with evolving security landscape