Security Operations Engineer
Our client is a private equity firm based in Boston, MA looking to hire a Security Operations Engineer. This individual will understand and apply information security best practices, standards, technology tools, systems, policies and processes that are required to ensure the protection of access to and modification of sensitive data. The ideal candidate has a proactive and collaborative approach to continual improvement of the security program. This role requires 3 days per week onsite.
Responsibilities:
- Mature existing DLP reporting program to identify incidents of company data loss, test new cases and deploy into production
- Develop DLP incident detection and reporting process
- Partner with compliance auditors to perform audits and information gathering to ensure compliance
- Serve as point of contact to SMEs and ensure best practices are effectively communicated and implemented
- Contribute to the implementation of auditing and risk management tools, processes and metrics
- Assess new and existing vendor/3rd party suppliers
- Manage detection, triage, and remediation of security incidents
- Prioritize and appropriately remediate security events
- Document security events and suggest and implement improvements, as needed, to better protect against future security incidents
- Coordinate with system owners to schedule and remediate identified security vulnerabilities
- Track outstanding vulnerabilities and follow up until mitigated appropriately
- Utilize the existing toolset, including traditional signature-based AV, next-gen anti-malware, and application whitelisting
Qualifications:
- Bachelor’s degree in an engineering/technical subject
- 3+ years of hands-on operational experience
- General understanding of the 7 OSI layers, OWASP Top 10 Security Threats, CIS Top 20 Critical Security Controls
- Hands-on experience with: Active Directory, Next-Gen Firewalling, Endpoint Security tools, Multi-Factor authentication, CASB and cloud security, Vulnerability Scanning, and Network Behavioral Monitoring
- Exposure to: Wireless Network Monitoring (Cisco Meraki), Office 365, Spam and Phishing email analysis and response (KnowBe4), Cisco ISE / 802.1x and TrustSec, Azure Cloud, SIEM / event monitoring and reporting (Rapid7 IDR)
Our Commitment to Diversity, Equity & Inclusion
The Hollister Group is an equal opportunity employer. We welcome and encourage applications from people who are under-represented in their respective occupation or position.