Senior Security Operations Engineer

Senior Security Operations Engineer ROLE DESCRIPTION SUMMARY SES’s Senior Security Operations Engineer focuses on advancing SES’s Information Security threat and compliance program by security monitoring, threat & vulnerability management, and delivering professional reports including findings and recommendations. The Senior Security Operations Engineer is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals.  PRIMARY RESPONSIBILITIES / KEY RESULT AREAS Lead incident response in response to security events and incidents. Correlation and trend analysis of security logs, network traffic, security alerts, events, and incidents. Perform in-depth root cause analysis and diligently gather information prior to escalation for future root cause analysis. Event and incident handling consistent with applicable plans and processes. Analyzing, triaging, aggregating, escalating, and reporting on security events including investigation of anomalous network activity, and responds to cyber incidents within the network environment. Continuous & persistent monitoring of security technologies/tool data and network traffic which result in security alerts generated, parsed, triggered, or observed on the in-scope networks, systems, or security technologies. Rapidly assess network traffic, detect data anomalies, and provide detailed reporting on the same. Correlation and trend analysis of security logs, network traffic, security alerts, events, and incidents. Perform in-depth root cause analysis and diligently gather information prior to escalation for future root cause analysis. Event and incident handling consistent with applicable plans and processes. Integration of activities with standard reports, such as security metrics reports. Lead team/project meetings and technical meetings appropriate for the content. Ensures assigned tasks and projects are completed on schedule. COMPETENCIES Strong organizational skills and ability to stay focused while managing multiple tasks concurrently. Understanding of current attack tools, tactics, procedures, and how to detect and/or mitigate them. Strong critical thinking/analytical skills, creativity, and a proven drive for quality QUALIFICATIONS & EXPERIENCE Must Have Four Year college degree in a technical field of study or equivalent work experience Technical knowledge and aptitude in the areas of networks, network topologies, remote network access, servers, applicable software and troubleshooting techniques required. Experience working in a SOC or similar environment. Experience with reviewing IDS/IPS, EDR, Firewall and other security/audit logs Experience monitoring and analyzing a Security Information and Event Management (SIEM) to identify security issues for remediation, and rules fine tuning. Consolidate and conduct comprehensive analysis of threat data obtained from proprietary, and open-source threat intelligence resources for potential and known threats and acting on identified indicators. Nice to Have Participates in the planning, design, and implementation of enterprise security architecture. Experience with threat and vulnerability management, penetration testing, vulnerability assessments, and vulnerability mitigation One or more of the following security certifications: Security+, CEH, CYSA+, GCIA, GSEC, GCIA, GMON and GCDA Experience as a shift lead or supervisor role. SES and its Affiliated Companies are committed to providing fair and equal employment opportunities to all. We are an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, gender, pregnancy, sex, sexual orientation, gender identity, national origin, age, genetic information, protected veteran status, disability, or any other basis protected by local, state, or federal law. For more information on SES, click .