Security Operations Engineer

Review and analyze reported suspicious emails.

Perform header analysis, URL sandboxing, and attachment detonation to identify malicious intent.

Execute remediation steps, such as purging malicious emails from the environment.

Monitor DLP consoles for unauthorized movement of sensitive data.

Investigate incidents involving PII or intellectual property.

Work with business units to distinguish between legitimate workflows and policy violations.

Monitor the SIEM (Security Information and Event Management) for alerts across endpoints, networks, and cloud environments.

Follow standard operating procedures (SOPs) to escalate high-severity incidents to Tier 2/3 analysts.

Assist in routine scans and ensure security agents are healthy and reporting correctly across the fleet.

Education: Bachelor’s degree in Cybersecurity, Computer Science, IT, or equivalent experience/certifications.

Technical Literacy: * Foundational understanding of the TCP/IP stack and common protocols (HTTP, DNS).

• Familiarity with macOS, and Linux operating systems.

Analytical Mindset: Ability to correlate disparate data points to identify patterns of malicious behavior.

Communication: Strong written skills for documenting incident findings and communicating with employees regarding security policy.

Eagerness to Learn: A "student of the game" mentality—staying up to date with the latest threat actor TTPs (Tactics, Techniques, and Procedures).