Security Operations Engineer - Oklahoma City, United States - Kroll Bond Rating Agency

    Description

    Position Title:
    Security Operations Engineer (remote)


    Entity:

    KBRA Holdings, LLC


    Employment Type:
    Full-time


    Location:
    Remote

    (Remote only in CA, CO, DC, FL, IL, MD, NJ, MA, NY, PA, SC, TX, VA)


    Summary/Overview:

    KBRA (KBRA Holdings, LLC) is seeking a Security Operations Engineer to join our growing Information Security team. This role can be fully remote and reports to the Senior Security Operations Engineer.


    About the Team:

    KBRA integrates security into all areas of the business and technology, which has created a strong security culture. The collaboration with the various teams requires the security operations team to have a broad range of security knowledge. This is a fun and fast-paced environment where new ideas and technologies are encouraged and pursued.


    About the Job:
    As a Security Operations Engineer, you will be responsible for assisting the Senior Security Operations Engineer to mature the security posture of the organization.

    You will need to be able to communicate risks to the business teams, vulnerabilities to the IT teams, and threats to our security team.

    This is a hands-on engineering role that requires comprehensive knowledge of information security fundamentals.

    The Security Operations team is responsible for a number of security areas, including:

    Incident Response / Security Monitoring

    Vulnerability Management

    Security Awareness Training

    Cloud Security

    Endpoint Security (EDR, CASB)

    Network Security (IDS)

    Email & Web Gateways

    Threat Hunting / Threat Intel


    Job Responsibilities:
    Find threats, vulnerabilities and misconfigurations in KBRA's environment.

    Assist in coordinating with operations, systems and network engineers to ensure servers and network devices are patched up to date based on policy, conform to security standards, and that security devices and controls are working as designed.


    Manage, monitor, track, and respond to security alerts coming from security monitoring tools such as Endpoint Detection and Response, Antivirus, Proxy, Varonis, Data Leakage Prevention, Intrusion Detection Systems, etc.

    Continuously tune security tools to minimize false positives and maximize detection and prevention effectiveness.

    Define, manage, and respond to security events within a multi-cloud architecture.

    Troubleshoot issues with security technologies such as Antivirus, Endpoint Detection and Response, Proxy, Data Leakage Prevention, certificates, etc.

    Assist with the phishing program, annual security training, and other events (October Cyber Awareness Month).

    Assist with the development, implementation, and administration of information security policies, standards, and procedures, adhering to industry best practices.

    Able to participate in a 24x7 on-call rotation.


    About You:
    Bachelor's degree in a related field, or other related experience.

    A minimum of three (3) years of experience in systems and/or network administration, architecture, or engineering.

    Three (3) or more years working with an information security system (e.g. vulnerability scanning, anti-malware, content filtering, breach detection, network security).

    Demonstrated fundamental understanding of system and network security principles and technology.


    Familiarity with information security concepts and frameworks such as defense in depth, zero trust networking, MITRE ATT&CK framework, Top 20 Critical Controls, NIST Cybersecurity Framework.

    Strong communication, project management, and collaboration skills.


    Our Tech Stack:


    Our team works with many different technologies, and we understand that no one will have experience with all of them.


    Here is an incomplete list:

    Operating Systems:
    Windows, Linux, MacOS


    Cloud Platforms:
    AWS, Azure


    Microsoft:
    O365, Active Directory


    Network:
    Intrusion Detection/Prevention Systems, Firewalls, Proxies

    Endpoint:
    Antivirus, EDR, Data Leakage Prevention

    Vulnerability Management:
    Tenable, Rapid7, Qualys

    SIEM Technologies:
    Azure Sentinel, Splunk, Elastic

    Threat Hunting / Data Intelligence Methodologies and Tools


    Key Job Qualifications:
    We are looking for someone who is enthusiastic and passionate about security. This person will be given the freedom to take ownership of tasks and encouraged to find areas of improvement.

    You will be successful in this role if you have:

    Demonstrated expertise in security investigations and driving Security team initiatives.

    Knowledge of OS internals, including Windows, Linux, or Mac.


    High proficiency with security tools like SIEM, EDR, CASB, DLP, and vulnerability management with the ability to configure and manage these tools.

    Excellent verbal, written and presentation skills are essential to effectively communicate information throughout all levels within the organization.


    Salary Range:
    The anticipated annual base salary range for this full-time position is $85,000 to $120,000. Offer amounts are determined by factors such as experience, skills, geography, and other job-related factors.


    Benefits:
    Competitive benefits and paid time off

    Paid family and disability leave

    401(k) plan, including employer match (100% vested)

    Educational and professional development financial assistance

    Employee referral bonus program

    Cell phone reimbursement


    About Us:



    KBRA is a full-service credit rating agency registered in the U.S., the EU and the UK, and is designated to provide structured finance ratings in Canada.

    KBRA's ratings can be used by investors for regulatory capital purposes in multiple jurisdictions.


    More Info:



    KBRA encourages applications from all qualified individuals without regard to race, color, religion, gender, sexual orientation, gender identity or expression, age, national origin, marital status, citizenship, disability, and veteran status or any other basis prohibited by federal, state or local law.
