Job Specifications
SecOps Engineer!
Responsible for maintaining and improving an organization's cybersecurity posture by
monitoring, detecting, responding to, and mitigating security threats and incidents. They bridge the gap between security and IT operations, ensuring systems, networks, and data are protected while maintaining operational efficiency.
Dimensions:
Threat Monitoring and Detection:
• Continuously monitor systems, networks, and applications for suspicious activity using tools
like SIEM (Security Information and Event Management) systems, IDS/IPS, or endpoint
detection solutions.
• Analyze security alerts and logs to identify potential threats or vulnerabilities.
• Incident Response and Mitigation:
• Respond to security incidents, such as malware infections, data breaches, or unauthorized
access, by investigating, containing, and resolving issues.
• Develop and execute incident response plans to minimize impact and prevent recurrence.
• System and Network Security:
• Implement, configure, and maintain security tools and technologies (e.g., firewalls, antivirus,
encryption, and authentication systems).
• Harden systems and networks by applying security patches, updates, and best practices.
• Automation and Process Improvement:
• Automate repetitive security tasks using scripting (e.g., Python, PowerShell) or orchestration
tools to improve efficiency.
• Develop and optimize workflows to enhance security operations and reduce response times. • Documentation and Reporting:
• Document security incidents, procedures, and configurations.
• Generate reports for stakeholders to communicate security status, risks, and
recommendations.
Tasks
• Respond to, investigate, and analyze security events to determine appropriate actions
• Analyze security system logs, security tools, and available data sources to identify attacks
against the enterprise and report on irregularities, issues related to improper access
patterns, trending, and event correlations
• Conduct and apply detection engineering concepts to analyze, create, and tune detection
logic and telemetry to ensure effective coverage and detection of existing and emerging
threats
• Perform security posture analysis to improve overall IT ecosystem utilizing telemetry from
security tools (Secure Score, KQL analysis, custom reporting etc.)
• Gather information from other IT and non-IT staff to obtain information regarding
security problems to networks, servers, endpoints, and applications
• Perform incident response activities and ensure that proper protection or corrective
measures have been taken when an incident has been discovered
• Assist with administration of information security controls and software such as endpoint
protection, endpoint detection and response, intrusion detection/prevention (IDS/IPS),
security incident and event management (SIEM), and physical security systems
• Expected to stay current on security industry trends, new threats and attack techniques,
mitigation techniques, and emerging security technologies
• Provide insight and participate in security projects to evaluate and recommend security
products for various applications and platforms throughout the organization while
supporting business initiatives
• Assist with the development, maintenance of, and training on technical documentation
and Standard Operating Procedures (SOP)
• Improve security efficiency and streamline/automate work processes while working
collaboratively with other team members and IT staff to accomplish objectives
• Participate in critical incidents and implementation reviews
• Additional responsibilities as identified. This description is not designed to encompass a
comprehensive listing of required activities, duties, or responsibilities
Skills & Experiences:
• WINDOWS experience
• Highly motivated to work in information security
• Minimum three (3) years of Information Security experience, or experience working in
Information Technology
• Bachelor’s degree in Information Technology or related field preferred; however work
experience and background may be considered in lieu of formal education
• Proven experience creating detection logic, SIEM rules, custom detections within EDR
tools, etc.
• Cloud security experience within Azure or other platforms (AWS, GCP)
• Collaborative interpersonal skills with the ability to work well as an individual and as
part of a team
• Ability to provide formal reports and presentations to people at all levels of the
business, each with varying degrees of technical knowledge
• Proficient knowledge of information systems security concepts and current
information security trends and practices
• Working knowledge of infrastructure security tools such as firewalls, network security
monitoring, anti-malware, OS hardening, etc.
• Experience integrating security tools through scripting, using API’s and improving
existing processes through automated methods are a plus
• Incident
About the Company
We’re Harvey Nash, and we build amazing technology and digital teams. From senior appointments through to recruitment and project solutions, we are experts in the tech sector.
Established in 1988, we have helped over half the world’s leading companies recruit, retain, source and manage the highly skilled tech talent they need to succeed in an increasingly competitive, global and technology driven world.
With over 3.300 staff in more than 49 offices across Europe, Asia-Pacific and the U.S and Canada, we have built a rep...
Know more