Principal Security Operations Engineer

As a Senior Security Engineer at our company, you will play a crucial role in building and leading our new Security Operations and Incident Response function. Your responsibilities will include developing the detection and response strategy, managing security monitoring systems, and collaborating across the organization to reduce risks and respond to threats effectively. **Key Responsibilities:** - Act as the primary technical owner for the SIEM solution and lead the integration and continuous fine-tuning of detection rules and alerts. - Design and implement a comprehensive monitoring strategy for critical environments, including cloud service providers and corporate networks. - Manage the security operations tool stack, including XDR and other detection technologies. - Lead the end-to-end incident response lifecycle for all security incidents, from detection to recovery, ensuring minimal impact on the business. - Develop incident response playbooks for various scenarios and execute proactive threat hunts. - Integrate threat intelligence to enrich security alerts and guide proactive security efforts. - Build and mature the company-wide Incident Response program, define policies, procedures, and communication plans. - Develop and lead incident response training and conduct tabletop exercises with stakeholders. - Define and report on key security metrics to leadership and conduct post-mortem reviews. **Required Qualifications:** - 10+ years of experience in cybersecurity, with at least 7 years focused on security operations, incident response, and digital forensics. - Expert-level knowledge of the incident response lifecycle and experience acting as an incident commander. - Deep technical expertise with core security technologies, including SIEM, XDR, and network analysis tools. - Proficiency in scripting for automation and analysis. - Exceptional communication skills and ability to remain effective under pressure. **Preferred Qualifications:** - Experience building a security operations or incident response function from the ground up. - Experience managing relationships with third-party vendors, particularly MSSPs. - Proficiency with Security Orchestration, Automation, and Response platforms. - Relevant industry certifications. - Bachelor's degree in Computer Science, Information Security, or related field. As a Senior Security Engineer at our company, you will play a crucial role in building and leading our new Security Operations and Incident Response function. Your responsibilities will include developing the detection and response strategy, managing security monitoring systems, and collaborating across the organization to reduce risks and respond to threats effectively. **Key Responsibilities:** - Act as the primary technical owner for the SIEM solution and lead the integration and continuous fine-tuning of detection rules and alerts. - Design and implement a comprehensive monitoring strategy for critical environments, including cloud service providers and corporate networks. - Manage the security operations tool stack, including XDR and other detection technologies. - Lead the end-to-end incident response lifecycle for all security incidents, from detection to recovery, ensuring minimal impact on the business. - Develop incident response playbooks for various scenarios and execute proactive threat hunts. - Integrate threat intelligence to enrich security alerts and guide proactive security efforts. - Build and mature the company-wide Incident Response program, define policies, procedures, and communication plans. - Develop and lead incident response training and conduct tabletop exercises with stakeholders. - Define and report on key security metrics to leadership and conduct post-mortem reviews. **Required Qualifications:** - 10+ years of experience in cybersecurity, with at least 7 years focused on security operations, incident response, and digital forensics. - Expert-level knowledge of the incident response lifecycle and experience acting as an incident commander. - Deep technical expertise with core security technologies, including SIEM, XDR, and network analysis tools. - Proficiency in scripting for automation and analysis. - Exceptional communication skills and ability to remain effective under pressure. **Preferred Qualifications:** - Experience building a security operations or incident response function from the ground up. - Experience managing relationships with third-party vendors, particularly MSSPs. - Proficiency with Security Orchestration, Automation, and Response platforms. - Relevant industry certifications. - Bachelor's degree in Computer Science, Information Security, or related field.