Sr. IT Security Ops Engineer; Hybrid

We are seeking a Senior IT Security Ops Engineer to join our team. In this role, you will manage and oversee responses to security incidents, conduct investigations, analyze evidence and provide recommendations for remediation and improvement in the Lakeshore Learning Materials environment. The position also requires developing and maintaining Security Incident Response policies, procedures and best practices. Applicants should have at least seven years of experience in security incident response, forensics or threat intelligence.

The ideal candidate also possesses certifications such as CISSP, GCIH, GCFA or CISM.

• Overseeing the response to security incidents from identification through resolution; preparing and delivering incident reports, briefings and lessons learned to internal and external audiences
• Conducting forensic analysis, threat hunting and root-cause analysis related to security incidents
• Training and mentoring other Information Security Analysts, providing feedback and guidance to help solve new or complex problems
• Identifying areas to improve Information Security monitoring and detection capabilities; monitoring and analyzing emerging threats, vulnerabilities and exploits
• Developing and implementing scalable preventative security measures, including detection, monitoring and exploitation prevention
• Developing and delivering cybersecurity awareness training programs for employees, educating them on current threats and best practices
• Configuring alerting and automation within end point protection, incident detection and vulnerability management tools
• Helping plan, organize and conduct quarterly tabletop exercises to prepare the organization for security incidents

• Bachelor’s degree in computer science, cybersecurity or a related field, or equivalent work experience
• At least 7 years of experience in security incident response, forensics or threat intelligence
• Proficiency with Security Incident Response tools and platforms, such as SIEM, EDR, SOAR and IRM
• Experience working with cloud-based environments such as AWS, Azure or GCP
• Strong knowledge of security frameworks, standards and best practices, including NIST, ISO and MITRE
• Ability to design security-relevant infrastructure as code (IaC)

• Certifications such as CISSP, GCIH, GCFA or CISM
• Hands-on experience assessing, implementing and managing third-party and cloud service provider security tools and services, such as Endpoint Protection Platforms (EPP), firewall and network security tools, intrusion detection and prevention systems (IDS/IPS), vulnerability management tools, web application firewalls (WAF), and identity and access management (IAM)
• Familiarity with advanced Microsoft Office features for data analysis and presentation of findings
• Demonstrated scripting capabilities with modern languages such as Python
• Program experience using languages such as Bash, Power Shell and Python