SitusAMC is where the best and most passionate people come to transform our clients' businesses and their own careers. The Security Operations Engineer is responsible for executing hands-on security operations to protect the organization's cloud environments, systems, and data, focusing on detecting, validating, and responding to security threats.
Responsibilities:
- Monitor, investigate, and respond to security alerts across cloud, endpoint, network, and identity platforms, validating threats and determining appropriate response actions
- Execute mitigation and remediation actions within AWS and Azure environments, including access revocation, configuration changes, policy updates, and resource isolation
- Build, tune, and maintain detections in SIEM, EDR, and cloud-native security tools to improve alert fidelity and reduce noise
- Materially contribute to incident response activities, including triage, containment, eradication, recovery, and post-incident lessons learned
- Perform root-cause analysis on security incidents and near-misses and drive corrective actions to prevent recurrence
- Develop, maintain, and execute security runbooks, response playbooks, and operational documentation to ensure consistent and repeatable response
- Implement and support automation and response workflows using scripting, APIs, and cloud-native tooling to reduce MTTR
- Partner with cloud, infrastructure, and application teams to remediate findings, harden systems, and reduce attack surface
- Support threat hunting activities using logs, telemetry, and attacker TTPs to identify suspicious or malicious behavior not detected by existing alerts
- Assist with vulnerability management, including validation of findings, prioritization based on risk, and remediation tracking
- Monitor cloud environments for misconfigurations, control failures, and drift, and take corrective action as required
- Contribute to tabletop exercises, purple team activities, and continuous defensive improvement efforts
- Stay current with emerging threats, technologies, and industry best practices, recommending strategies to evolve the organization’s security defenses
- Other activities as may be assigned by your manager
Requirements:
- Bachelor's degree in Information Security, Computer Science, or a related field (or equivalent experience)
- Experienced professional with 5+ years of industry and/or relevant experience, typically at an Analyst or Senior Analyst level or an external equivalent
- Strong knowledge of SIEM, DLP, e-mail security, endpoint security, and cloud security technologies
- Hands-on experience securing and operating within AWS and Azure environments, including identity, networking, and native security services
- Working knowledge of infrastructure-as-code, scripting, or automation technologies (e.g., Terraform, CloudFormation, PowerShell, Python, or similar)
- Ability to execute security remediation actions using cloud consoles, APIs, and automation tools
- Expertise in incident response, threat hunting, and security operations
- Familiarity with risk management frameworks and compliance standards (NIST, CIS, etc.)
- Excellent problem-solving, analytical, and communication skills
- 3-5 years of professional information security experience with progressive responsibility preferred
- Relevant certifications such as Security+, CySA+, GCIA, GCIH, AWS Certified Security – Specialty, Azure Security Engineer (AZ-500), SC-200, or equivalent cloud and security operations certifications are strongly preferred