About the Role

We are seeking a skilled SecOps Engineer to join our Enterprise Security team. In this role, you will be responsible for maintaining and enhancing our security posture through incident response, security monitoring, automation initiatives, and enterprise security management. The ideal candidate will combine technical expertise with analytical skills to protect our infrastructure, data, and corporate environment.

Key Responsibilities

• Lead incident response efforts, including investigation, containment, eradication, and recovery of security incidents
• Monitor and analyze security events using Elastic SIEM, developing and maintaining detection rules and alerts
• Design and implement security automation workflows to streamline operations and reduce response times
• Manage and enhance cloud security controls across our infrastructure
• Administer enterprise identity management systems, with focus on Okta platform configuration and user lifecycle management
• Oversee device management policies and endpoint security controls across the organization
• Conduct security audits of SaaS applications like Google Workspace, Slack, Jira, etc including access reviews and configuration assessments
• Execute breach and attack simulation exercises to test security controls and incident response procedures
• Perform threat hunting and vulnerability assessments to proactively identify security risks
• Develop and maintain security playbooks and documentation
• Collaborate with other IT teams to implement security best practices

Required Qualifications

• 5+ years of experience in information security, with focus on security operations
• Strong incident response experience, including handling various types of security incidents
• Proven expertise with Elastic SIEM, including custom rule development and threat hunting
• Experience in security automation using Python, PowerShell, or similar scripting languages
• Experience in Device management, Identity Management, SaaS security audits, etc
• In-depth knowledge of cloud security principles and hands-on experience securing cloud environments (AWS)
• Understanding of common attack vectors, threat actor TTPs, and defensive strategies

Preferred Qualifications

• Relevant security certifications (CISSP, GCIA, GCIH, or similar)
• Experience with SOAR platforms and building automated response workflows
• Knowledge of compliance frameworks (SOC 2, ISO 27001, NIST)
• Familiarity with container security and Kubernetes environments
• Experience with threat intelligence platforms and integration
• Experience with additional device management platforms Google Workspace Administrator certification
• Experience with breach and attack simulation tools

Required Skills

• Strong analytical and problem-solving abilities
• Excellent communication skills and ability to explain technical concepts to non-technical stakeholders
• Experience working in fast-paced environments with ability to prioritize effectively
• Strong documentation skills
• Team player with ability to work independently when needed