SecOps Engineer serves as a recognized expert on IT risk management, providing an active role in shaping and influencing design and implementation of key information technology strategies. This role will have responsibility for sourcing and introducing both internal and external best practices into IT risk management and security to build the capability of the function and its teams.

Essential job functions:

Under general supervision, the SecOps Engineer will:

• Ensure compliance with security policies, standards, and procedures
• Coordinate with firm IT Operations teams, including Systems, Network, Dev-Ops and Help Desk teams on implementation and support of key Microsoft/Azure/ O365 and AWS initiatives.
• Provide SME support for new and existing Cloud initiatives security systems for network, application, and databases; providing technical support as needed.
• Assist in maintaining enterprise information security policies, technical standards, guidelines, and procedures necessary to support information security in compliance with established company policies, regulatory requirements, and generally accepted information security controls.
• Assist with the creation of a common control framework, for use by all project teams in meeting ATO requirements.
• Work with all functions within the IT operations team to implement threat detection signals, deploy new tooling, and improve response capabilities.
• Identify opportunities for security process improvement and assist in the further development of those processes.
• Conducts audits and/or assessments, to identify cloud-related risks and vulnerabilities and coordinates remediation activities
• Tracks and reports on the effectiveness of cloud information security technology controls, processes, and policies.
• Provides threat modeling and risk assessment to identify the risk and severity posture of various systems in cloud environments
• Assists with the investigation of security incidents, recommends, and implements solutions to remediate or mitigate threats and vulnerabilities.
• Provide subject matter expertise with Office 365 and Microsoft Azure with emphasis in security products and processes such as ATP (Advanced Threat Protection), security policies for Office 365, Azure AD Identity Protection and Conditional Access (CA).
• Provide subject matter expertise in compliance and data retention, leveraging Office 365, Data Loss Protection. Provide architecture and security expertise for Microsoft Azure and AWS security technologies and strategy.
• Provide consultation on higher level services such as IaaS, PaaS and SaaS layers, Authentication/Authorization, Data encryption, Key management, and other security services.
• Maintains current knowledge of relevant security, privacy, and cloud technology trends.
• Collaborates in the design, development, and implementation of security standards.

MINIMUM QUALIFICATIONS:

Education: BS in technical discipline and or demonstrated 10+ years industry experience. Certified Information Systems Security Specialist certification (CISSP). At least 5 years' experience in the following areas:

• Hands on experience managing IT Infrastructure solutions which includes operating systems, networks, DNS, firewalls, SSO, MFA, AWS, Azure, Active Directory, IaaS, PaaS, and SaaS.
• Administration and management of security technologies and products such as SIEM, data loss prevention, endpoint security, sandboxing, threat intelligence, pen testing and vulnerable vulnerability management, identity management.
• Experience as an Azure/O365 engineer.
• Experience with security automation and orchestration

Job Knowledge:

• Familiarity with best practices for vulnerability management, risk analysis, reporting metrics and assessments.

• Familiar with industry security standards such as NIST cybersecurity framework, ISO 27001, OWASP Security Testing guidelines.

Language: English fluency (oral and written)

Physical Requirements:

• Ability to sit for prolonged periods at a desk or computer workstation.
• Regularly uses a computer, keyboard, and mouse.
• Normal or corrected vision to read documents, view computer screens, and perform tasks that require visual accuracy.
• Ability to hear and understand spoken information in person and over the phone.
• Minimal lifting and carrying may be required, typically light office supplies or documents.
• Ability to move within the office environment to access equipment, files, and interact with colleagues.
• Ability to handle occasional stress related to deadlines, workloads, or challenging tasks.

OTHER DUTIES AS ASSIGNED: This position description should not be construed to imply that these requirements are the exclusive standards of the position, nor will it be the sole basis for any subsequent employee evaluations. Incumbents will follow any other instructions and perform any other related duties as may be required by their supervisor.

APPLICATION INFORMATION:
If you meet the minimum requirements for this position, please click on the "Apply" link posted below and complete the application. Please include a cover letter, resume, and at least three (3) professional references.

Our company is an equal opportunity/affirmative action employer. Applicants can learn more about the company's status as an equal opportunity employer by viewing the federal "EEO is the Law" poster at EEOPost.pdf.

Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or protected Veteran status.