What are the responsibilities and job description for the SOC Engineer Level III position at Graytitude?
In the Information Security Operations Engineer III role, ensure that IT systems and underlying infrastructure are implemented to “security in depth” standards and best practices.
Responsibilities
- Develop, document and implement a layered security platform and associated processes enabling core operational requirements for:
  - Network and Host-based security
  - Applications and data security
  - Security monitoring & alerting
  - Access management
- Ensure all firewalls, security devices, systems, databases, and applications are logging and that monitoring tools are alerting appropriately
- Research new and emerging security attacks and develop techniques to identify these threats
- Demonstrate extensive experience and knowledge of IT security principles, techniques, and technologies and be able to build, install, and configure security solutions
- Effectively write, modify, and update security solution documentation
- Develop threat models and methodologies using the MITRE ATT&CK Framework and identify solutions to mitigate these threats
- Train and mentor other team members
- Partner with Quality Systems & Infrastructure Management ensuring proper quality management
- Partner with Development and Business Intelligence teams to ensure layered security for new products and services
- Ensure systems and processes adhere to security requirements for network, host, applications and access security methodologies
- Lead, document and implement/instrument a cloud security profile, including:
  - Service infrastructure and platform security planning requirements
  - Security monitoring integration with Infrastructure Support System
  - Monitoring and advising and security patching requirements
- Overall ownership and sign-off on security profile readiness for all SaaS, Business Systems, Operational Support Systems and Client Services Systems
Other Duties and Responsibilities:
Effectively collaborate and communicate with Development, Infrastructure, DevOps and LoBs in cross-functional teams and relevant management to report out security operations status
Qualifications
- BS/BA degree in Computer Science, Information Systems or related field
- Possess one or more advanced professional security certifications related to chosen discipline (CISSP, CCSP, CEH)
- Demonstrated understanding of Information Security best practices
- At least 2 years’ experience implementing layered security practices for network, host, applications, data and access to IaaS, PaaS and SaaS services in a hybrid deployment environment
- Deep experience in developing and deploying security specific solutions including the automation of repeatable security tasks and controls
- Strong practical knowledge of web authentication / authorization standards
- Solid oral and written communication skills
- Solid collaboration skills
- Experience implementing and operating security technologies and processes in a hybrid cloud environment, such as AWS or Azure, and customer premises
- Have 2 years of cloud-based security run-time management experience
- Experience with software-defined network, compute and storage platforms
- Strong networking fundamentals, including TCP/IP, VLANs, DNS, load balancing and software-defined layer 2/3 rule configurations
- Deep experience with security vulnerability and penetration tools such as Tenable, Qualys, Proofpoint, and Pentera
- Implementation and management experience with hardware and software firewalls, AV, and IDS/IPS platforms