Senior SOC Engineer
San José, Costa Rica
5 days ago

Job Description

Sr. SOC Engineer

We are seeking a Sr. SOC Engineer to join the Oracle+NetSuite Security team responsible for securing systems, infrastructure, services and data.

The Security Operations Center Analyst will use data collected from a variety of information security tools and sources (including intrusion detection system alerts, firewall and network traffic logs, and host system logs) to analyze events that occur within the enterprise, perform threat analysis, and handle response activities related to potential security incidents.

The candidate must be able to routinely evaluate priorities based on the dynamic nature of the environment. The role requires close collaboration with peers across multiple geographic regions to discuss issues, solutions, and investigations.

Partnership with multiple internal security, operations, and business teams is paramount for success and overall improvement of security operations.

Mentoring is highly encouraged to develop professional relationships and grow colleagues.

Responsibilities Include:

  • Respond to potential security incidents, draft comprehensive incident reports, and document and execute lessons learned
  • Identify security events requiring immediate escalation and response
  • Document and communicate analysis of research and findings to peers and leadership
  • Monitor and analyze security events, network traffic, and security alerts across the enterprise
  • Perform advanced analysis of security events and alerts
  • Correlate events from multiple sources during investigations
  • Assist with ongoing development and improvement of processes, detection capabilities, and response procedures to improve overall SOC functions
  • Conduct investigations of potential intrusion attempts to determine remediation actions and escalation paths
  • Facilitate meetings to collaborate with internal teams to identify, resolve, and mitigate attacks and exploits
  • Perform incident response and handling following documented procedures
  • Track investigation activities during an incident, including identifying next steps, spanning across multiple shifts
  • Monitor external data sources to maintain awareness of threat conditions and determine which security issues may have an impact on the enterprise
  • Lead a team of junior analysts
Required Skills and Experience:

  • Knowledge of security controls including network security technologies (IDS, IPS, firewall, WAF, and RASP), OS hardening, file integrity monitoring, and authentication
  • Strong understanding of system and network security threats and vulnerabilities
  • Hands-on experience with TCP/IP and packet capture analysis, networking fundamentals, common network services, network vulnerabilities, and network attack patterns
  • Experience in security event monitoring and triage, incident response, and/or system/network auditing
  • Hands-on experience using a SIEM for data analysis and EDR tools for response purposes
  • Familiarity with network and endpoint security applications and tools including network scanning tools, NIDS/HIDS, firewalls, and web proxies
  • Self-motivated, with excellent analytical, problem-solving, and critical-thinking skills
  • Exercises sound judgement for investigative purposes, including making the determination to close a case
  • Ability to proactively and clearly communicate with other technical and non-technical teams during investigations and lessons learned, and to learn about the environment
  • Experience writing detailed incident reports and updates on a regular basis
  • 2+ years leading a team of analysts
  • 5+ years as a SOC Analyst
  • 10+ years in Information Technology, preferably as a security engineer, system administrator, or network engineer
  • Bachelor’s degree in Computer Science, Computer Engineering, MIS, or a related field
  • Effective time management skills, completing assignments or delivering updates within required deadlines
Preferred Skills and Experience:

  • Experience with Linux system administration, scripting, log parsing, vulnerability assessments/penetration testing, or vulnerability management
  • Scripting and programming knowledge and experience
  • Familiarity with industry-recognized frameworks including but not limited to MITRE ATT&CK, ADS, NIST 800, and CIS
  • Recognized industry certifications and/or continuing education programs are a major plus, including GCIH, GCIA, CISSP, GCFA, GMON, GREM, GNFA
  • Advanced understanding of Unix and Windows functionality, access control, event logs and monitoring; application and network security
  • Working knowledge of forensics, incident response, and threat hunting methodologies for a cloud service provider
Detailed Description and Job Requirements

Responsible for the planning, design, and build of security architectures; oversees the implementation of network and computer security and ensures compliance with corporate security policies and procedures.

Responsible for basic planning, design, and build of security systems, applications, environments, and architectures; oversees the implementation of security systems, applications, environments, and architectures and ensures compliance with information security standards and corporate security policies and procedures.

Assists in the development of incident response capabilities, training, and tool validation. May research, evaluate, track, and manage information security threats and vulnerabilities in situations where analysis of well-understood information is required and where computer programming/scripting knowledge is required.

May participate in an incident management team, responding to security events in line with Oracle incident response playbooks.

Investigates purported intrusions and breaches, and oversees root cause analysis. Coordinates incidents with other business units and may assist the Incident Commander during serious incidents.

Participates in developing new methods and playbooks, as well as basic scripts, applications, and tools. Researches industry trends and constantly assesses current controls and the threat posture of new and existing products and services.

Recommends and implements new security controls across Oracle’s lines of business (LOB). Improves current processes and workflows to minimize manual effort.

Minimum of 5 years of related experience in an information security role, supporting security programs and security engineering/architecture in complex enterprise environments.

Hands-on experience with enterprise security architecture, engineering, and implementation required. Knowledge of compliance program security controls, such as ISO 27001, SOC 2, HITRUST, and FedRAMP, as applied to cloud SaaS, PaaS, and IaaS operations.

Familiarity with SDLC principles and scripting and programming languages (such as Terraform, Python, Ruby, etc.).

Preferred but not required qualifications include: a Bachelor-level university degree in a relevant field from an accredited university, or equivalent.

Experience in developing secure, scalable cloud architectures and distributed systems. Experience with high-level software design and development and the design, use, and deployment of automation and orchestration frameworks.

Demonstrable scripting or programming experience.
