We are seeking a Security Operations Engineer to join the Security Operations Team. Day to day, you will focus on protecting IT infrastructure systems and keeping them secure from external security intrusion, with a focus on Palo Alto firewalls, Zscaler, and identity programs. You will create and build protective procedures to keep information intact, typically by establishing firewall settings, administering private and cloud networks, and installing protective hardware. You will use and develop processes and standards to ensure that the security environment is maintained, consistent, and aligned with industry best practices. As a Security Operations Engineer, you will partner cross-functionally to deliver operational security requirements and ensure alignment and adherence across departments, countries, and regions globally.
Responsibilities
• Design, configure, implement, and maintain security platforms and their associated software, such as firewalls, intrusion detection/intrusion prevention, antivirus solutions, vulnerability scanners, and security groups.
• Configure and manage Microsoft Defender Advanced Threat Protection (ATP) to detect, investigate, and respond to advanced threats and attacks.
• Implement and maintain Microsoft Azure Security Center to monitor and protect Azure cloud environments.
• Utilize Microsoft Cloud App Security to gain visibility and control over cloud applications and services.
• Utilize Microsoft Security Compliance Manager to ensure adherence to security policies, standards, and regulatory requirements.
• Utilize Microsoft Security Graph API and PowerShell scripting to automate security operations and streamline processes.
• Strong knowledge of IPsec VPN configuration, NAT, PAT, and HA configuration.
• Troubleshoot and fix day-to-day network issues related to security policies, routing, and firewall operations.
• Maintain and upgrade firewall hardware and software to guarantee maximum performance.
• Monitor and analyze network traffic for threats.
• Interact with internal and external customers via phone, chat or email to work towards fixing the network issues.
• Perform periodic vulnerability testing, checking systems for weaknesses in software and hardware and for the risks and impact they pose to the environment.
Qualifications
• Bachelor’s degree in Information Systems or Computer Science, or 5 years equivalent work experience, required.
• Zscaler, Palo Alto, Panorama, MS Defender, Azure and AWS Security components, Microsoft Security and Compliance tools, strongly preferred.
• Experience in security event correlation, tools, and practices, required.
• Hands-on experience with monitoring tools such as SolarWinds.
• Working knowledge of ITSM processes, such as change management, ticket resolution, identifying and implementing automation ideas, and revision control.
• A can-do attitude is required; must be eager to learn and leverage all available resources.
• Knowledge of various operating systems like Windows and Linux, preferred.
• Automation tool or scripting experience, such as Ansible, Python, PowerShell, preferred.
• Approximately 10% travel may be required in support of the position’s responsibilities.
• Strong written and oral communication skills, including the ability to present ideas and suggestions clearly and effectively.
• Ability to work with different functional groups and levels of employees to effectively and professionally achieve results.
• Strong organizational skills: ability to accomplish multiple tasks within the agreed upon timeframes through effective prioritization of duties and functions in a fast-paced environment.
FAQ
1. What are the primary responsibilities of a Security Operations Engineer?
This role focuses on monitoring, detecting, and responding to security incidents across systems and networks. It involves managing security tools, analyzing alerts, and ensuring timely incident response. The goal is to protect organizational assets and maintain a strong security posture.
2. What tools and technologies are commonly used in this role?
Common tools include SIEM platforms like Splunk or QRadar, endpoint detection and response (EDR) tools, and intrusion detection/prevention systems (IDS/IPS). Security orchestration and automation tools (SOAR) may also be used. Familiarity with firewalls, antivirus solutions, and cloud security tools is important.
3. How does incident response work in this role?
The engineer investigates security alerts, determines their severity, and takes appropriate action to contain and resolve incidents. This includes coordinating with IT and security teams during active threats. Post-incident analysis is conducted to improve future response.
4. What is the role of monitoring and alerting in security operations?
Continuous monitoring helps detect suspicious activity and potential threats in real time. Alerts generated by security tools are analyzed and prioritized based on risk. Effective monitoring ensures quick detection and response to security incidents.
5. How does this role collaborate with other teams?
The Security Operations Engineer works closely with IT, DevOps, and compliance teams to address vulnerabilities and improve security controls. Collaboration ensures alignment between operational needs and security requirements. Clear communication is critical during incidents.