GuidePoint Security provides trusted cybersecurity expertise and solutions to help organizations minimize risk. The SecOps Engineer role focuses on integrating security practices into IT operations, ensuring systems and applications are secure while maintaining efficiency.
Responsibilities:
- Ability to autonomously prioritize and successfully deliver across a portfolio of projects
- Learn and keep up with current cyber threats, attack methodology, active campaigns, and detection techniques using a wide variety of capabilities and sources (GOTS, COTS, and Open Source)
- Understand and utilize cyber threat intelligence sources
- Familiarity with key security events on common IT platforms
- Experience authoring security runbooks, policy, and best practice documentation
- Preferred experience in the areas of SecOps, Security Analytics, SIEM/SOAR, etc.
- Proficiency in developing log ingestion and aggregation strategies
- Expertise developing security-focused content for one or more SIEM platforms (Splunk, CrowdStrike NG-SIEM, Elastic Security or Palo Alto XSIAM), including creation of complex threat detection logic and operational dashboards
- Understand and articulate complex technical information to both technical and non-technical audiences
- Demonstrated experience in the identification and assessment of the relevance and effectiveness of signatures and indicators of compromise based on intelligence
- Experience developing and providing regular and ad hoc briefs, documents, diagrams and other products
Requirements:
- Ability to autonomously prioritize and successfully deliver across a portfolio of projects
- Learn and keep up with current cyber threats, attack methodology, active campaigns, and detection techniques using a wide variety of capabilities and sources (GOTS, COTS, and Open Source)
- Understand and utilize cyber threat intelligence sources
- Familiarity with key security events on common IT platforms
- Experience authoring security runbooks, policy, and best practice documentation
- Proficiency in developing log ingestion and aggregation strategies
- Expertise developing security-focused content for one or more SIEM platforms (Splunk, CrowdStrike NG-SIEM, Elastic Security or Palo Alto XSIAM), including creation of complex threat detection logic and operational dashboards
- Understand and articulate complex technical information to both technical and non-technical audiences
- Bachelor's Degree or relevant work experience and certifications (MITRE, SIEM, SOAR, CompTIA, SANS, etc.)
- Preferred experience in the areas of SecOps, Security Analytics, SIEM/SOAR, etc.
- Demonstrated experience in the identification and assessment of the relevance and effectiveness of signatures and indicators of compromise based on intelligence
- Experience developing and providing regular and ad hoc briefs, documents, diagrams and other products