Security Operations Engineer - Oklahoma City, United States - Kroll Bond Rating Agency
Description
Position Title: Security Operations Engineer (remote)
Entity: KBRA Holdings, LLC
Employment Type: Full-time
Location: Remote (Remote only in CA, CO, DC, FL, IL, MD, NJ, MA, NY, PA, SC, TX, VA)
Summary/Overview:
KBRA (KBRA Holdings, LLC) is seeking a Security Operations Engineer to join our growing Information Security team. This role can be fully remote and reports to the Senior Security Operations Engineer.
About the Team:
KBRA integrates security into all areas of the business and technology, which has created a strong security culture. The collaboration with the various teams requires the security operations team to have a broad range of security knowledge. This is a fun and fast-paced environment where new ideas and technologies are encouraged and pursued.
About the Job:
As a Security Operations Engineer, you will be responsible for assisting the Senior Security Operations Engineer to mature the security posture of the organization.
You will need to be able to communicate risks to the business teams, vulnerabilities to the IT teams, and threats to our security team.
This is a hands-on engineering role that requires comprehensive knowledge of information security fundamentals. The Security Operations team is responsible for a number of security areas, including:
Incident Response / Security Monitoring
Vulnerability Management
Security Awareness Training
Cloud Security
Endpoint Security (EDR, CASB)
Network Security (IDS)
Email & Web Gateways
Threat Hunting / Threat Intel
Job Responsibilities:
Find threats, vulnerabilities and misconfigurations in KBRA's environment.
Assist in coordinating with operations, systems and network engineers to ensure servers and network devices are patched up to date based on policy, conform to security standards, and that security devices and controls are working as designed.
Manage, monitor, track, and respond to security alerts coming from security monitoring tools such as Endpoint Detection and Response, Antivirus, Proxy, Varonis, Data Leakage Prevention, Intrusion Detection Systems, etc.
Define, manage, and respond to security events within a multi-cloud architecture.
Troubleshoot issues with security technologies such as Antivirus, Endpoint Detection and Response, Proxy, Data Leakage Prevention, certificates, etc.
Assist with the phishing program, annual security training, and other events (October Cyber awareness month).
Assist with the development, implementation, and administration of information security policies, standards, and procedures, adhering to industry best practices.
Able to participate in a 24x7 on-call rotation.
About You:
Bachelor's degree in a related field, or other related experience.
A minimum of three (3) years of experience in systems and/or network administration, architecture, or engineering.
Three (3) or more years working with an information security system (e.g. vulnerability scanning, anti-malware, content filtering, breach detection, network security).
Demonstrated fundamental understanding of system and network security principles and technology.
Familiarity with information security concepts and frameworks such as defense in depth, zero trust networking, MITRE ATT&CK framework, Top 20 Critical Controls, NIST Cybersecurity Framework.
Our Tech Stack:
Our team works with many different technologies, and we understand that no one will have experience with all of them.
Here is an incomplete list:
Operating Systems: Windows, Linux, MacOS
Cloud Platforms: AWS, Azure
Microsoft: O365, Active Directory
Network: Intrusion Detection/Prevention Systems, Firewalls, Proxies
Endpoint: Antivirus, EDR, Data Leakage Prevention
Vulnerability Management: Tenable, Rapid7, Qualys
SIEM Technologies: Azure Sentinel, Splunk, Elastic
Threat Hunting / Data Intelligence Methodologies and Tools
Key Job Qualifications:
We are looking for someone who is enthusiastic and passionate about security. This person will be given the freedom to take ownership of tasks and encouraged to find areas of improvement.
You will be successful in this role if you have:
Demonstrated expertise in security investigations and driving Security team initiatives.
Knowledge of OS internals, including Windows, Linux, or Mac.
High proficiency with security tools like SIEM, EDR, CASB, DLP, and vulnerability management with the ability to configure and manage these tools.
Salary Range:
The anticipated annual base salary range for this full-time position is $85,000 to $120,000. Offer amounts are determined by factors such as experience, skills, geography, and other job-related factors.
Benefits:
Competitive benefits and paid time off
Paid family and disability leave
401(k) plan, including employer match (100% vested)
Educational and professional development financial assistance
Employee referral bonus program
Cell phone reimbursement
About Us:
KBRA is a full-service credit rating agency registered in the U.S., the EU and the UK, and is designated to provide structured finance ratings in Canada.
More Info:
KBRA encourages applications from all qualified individuals without regard to race, color, religion, gender, sexual orientation, gender identity or expression, age, national origin, marital status, citizenship, disability, and veteran status or any other basis prohibited by federal, state or local law.