The Security Operation Engineer will move beyond passive monitoring to actively manage, maintain, and remediate security events within a dynamic project environment. Unlike a traditional Level 1.5 SOC monitoring role focused solely on escalation, this position requires hands-on engineering, active remediation, vulnerability handling, and security tool management in a cloud environment.
Key Responsibilities & Workflow
Active Tool & Cloud Management: Manage and configure security infrastructure tools, endpoint protection, and Privileged Access Management (PAM) tools within a cloud environment.
Incident Remediation: Take ownership of security alerts and perform active, hands-on remediation tasks (rather than just routing notifications to external desktop or system engineers).
Vulnerability & Audit Management: Execute daily vulnerability assessments, run security scans, handle vulnerabilities, and collaborate/coordinate with third parties to conduct security scans and audits.