Principal Information Security Operations Engineer
Listed on 2026-06-28
-
IT/Tech
Cybersecurity, Information Security
About The Role
We are seeking a highly skilled and experienced Principal Information Security Operations Engineer to join our dynamic and innovative security operations team. The Principal Information Security Operations Engineer will have experience leading cybersecurity incident response (IR) which includes detection, containment, eradication, recovery, and reporting.
This position provides technical leadership during high‑severity events, coordinates cross‑functional response efforts, and ensures incidents are handled quickly, consistently, and in accordance with regulatory and company business requirements. It also involves implementing and maintaining the security monitoring and alerting tools necessary to protect our organization’s systems, networks, and data from potential threats. The ideal candidate will have a mix of hands‑on technical knowledge, a strong background in security operations, incident response, security risk mitigation, and security practices.
The individual should be proactive, organized, analytical, detail‑oriented, and persistent.
Security Operations is a critical business support responsibility for the Information Security team. We provide insights regarding threats the company faces and are expected to quickly respond and recover from potential cyber events or incidents. It is important for this individual to understand that there are cyber threat actors targeting the maritime industry and we must stay vigilant, be ready to respond in a manner that will limit the impact and allow for quick recovery.
What you’ll do:- Manage day‑to‑day security operational tasks such as security event monitoring, log monitoring and security incident management, compliance monitoring, data loss prevention, and monitoring and responding to emerging threats ranging from endpoint to server to public cloud.
- Lead all security‑related events and incidents that come into the team's various queues (including triage, containment, and remediation when necessary). Follow standard operating procedures (SOPs) and playbooks to ensure security events are triaged appropriately and in a timely manner, according to SLAs.
- Understand the various stages of the incident response lifecycle and the analytical mindset when it comes to triage and investigations, including a fundamental understanding of memory processes and memory management practices, or the willingness to learn these principles. Act as primary support contact for security incidents and provide direction to infrastructure and applications teams to initiate incident response.
- Perform root cause analysis to continuously improve prevention, detection, reaction, and remediation capabilities.
- Ensure systems, networks, and applications are monitored for security breaches, intrusions, and unusual activity.
- Investigate and respond to security events and incidents, including performing root cause analysis, identifying vulnerabilities, and implementing remediation and/or tuning measures.
- Respond to phishing attacks by tracking down and recalling malicious e‑mails; contact users who may be impacted.
- Participate in off‑hours on‑call rotation, as required, and necessary.
- Liaise with internal and external parties, including Managed Security Services Provider, computer forensics specialists, and additional incident responders, to address security concerns.
- Assist in managing the organization's logging environment, providing fundamental knowledge of license managers, indexers, and search heads.
- Develop SOAR playbooks to minimize security incident response time and develop advanced techniques to identify and mitigate vulnerabilities.
- Understand security incident response plans and procedures, ensuring their effectiveness through regular testing and exercises.
- Collaborate with cross‑functional teams to ensure security controls, infrastructure and tools, including firewalls, intrusion detection systems, data loss prevention systems, and security information and event management (SIEM) systems are implemented and maintained throughout the organization.
- Conduct research on emerging security threats and trends and recommend appropriate security measures and countermeasures.
- Assist…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).