Senior Security Operations Engineer

cryption protocols. Administers security policies to control physical and virtual access to systems. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems. Survey Tip: May be internal or external, client-focused, working in conjunction with Professional Services and outsourcing functions. May include company-wide, web-enabled solutions. A seasoned, experienced professional with a full understanding of area of specialization; resolves a wide range of issues in creative ways. This job is the fully qualified, career-oriented, journey-level position. Broad application of principles, theories and concepts in applicable discipline, plus working knowledge of other related fields. Provides resolution to a diverse scope and range of complex problems where analysis of data requires evaluation of identifiable factors. Demonstrates good judgment in selecting methods and techniques for obtaining solutions. Networks with senior internal and external personnel in own area of expertise. Normally receives little instruction on day-to-day work, general instructions on new assignments. Determines and develops approach to solutions; work is evaluated upon completion to ensure objectives have been met. Contributes to the development of organization's goals and objectives. University degree and 4-6 years of related experience, or equivalent work experience.

Job Description

Forcepoint is looking for a Senior Security Analyst to join our Global Security Operations Center (SOC) team. The Forcepoint SOC team plays a central role in safeguarding the organization's digital infrastructure against cybersecurity threats. This role is responsible for monitoring and responding to security events on our corporate and cloud environments. This position will help mentor a team of motivated analysts and assist with building out our SOC.

Essential Functions

• Lead Incident Response and Forensics investigator.

• Analyze and respond promptly to security incidents as required.

• Develop and maintain Standard Operating Procedures (SOPs) and Incident Response (IR) Playbooks.

• Run quarterly Tabletop exercises to help identify and strengthen weaknesses in our processes.

• Identify security risks, threats and vulnerabilities of the company's network, systems, applications, and new technology initiatives.

• Assist in maturing risk and vulnerability management programs, including reporting metrics.

• Review and analyze ACLs, IDS rules, and network device configuration and propose pragmatic best practice solutions.

• Design, evaluate, and promote new security standards by standardizing operating procedures and streamlining security related operations.

• Develop scripts or other techniques to automate repetitive tasks.

• Perform other duties and projects as assigned.

Education and Experience

• A BS/MS degree in a technical field such as Computer Science with an emphasis on security, or equivalent experience.

• 10+ years of practical experience implementing and deploying security controls.

• 7+ years of practical experience in an Information Security role.

• 5+ years of practical experience with SIEM software supporting alerts along with integrating new service ingestions.

• 5+ years of practical experience in a System Administrator role.

• At least one professional Security certifications (CISSP, CFCE, CCE, GCFE).

• Strong foundation in network security and familiarity with the MITRE ATT&CK framework.

• Prior experience leading Incident Response tabletop exercises.

• Prior experience with EDR services.

• Prior experience with IDS/IPS systems.

• Prior experience with enterprise vulnerability management systems.

• Solid understanding of security best practices for public cloud (Amazon Web Services, Azure, Google Cloud and Oracle Cloud Infrastructure).

• Practical hands-on experience with scripting languages Powershell, Python or Bash.

• Thorough working knowledge of Windows, Linux (RHEL/CentOS) system hardening and security monitoring techniques.

• Experience working with third-party SOC utilizing Chronicle and CrowdStrike.

• Experience with well-known information security related tools such as Burp, Wireshark, Kali Linux, Netcat, TCPDump and NMAP.

Don't meet every single qualification? Studies show people are hesitant to apply if they don't meet all requirements listed in a job posting. Forcepoint is focused on building an inclusive and diverse workplace - so if there is something slightly different about your previous experience, but it otherwise aligns and you're excited about this role, we encourage you to apply. You could be a great candidate for this or other roles on our team.

The policy of Forcepoint is to provide equal employment opportunities to all applicants and employees without regard to race, color, creed, religion, sex, sexual orientation, gender identity, marital status, citizenship status, age, national origin, ancestry, disability, veteran status, or any other legally protected status and to affirmatively seek to advance the principles of equal employment opportunity.

Forcepoint is committed to being an Equal Opportunity Employer and offers opportunities to all job seekers, including job seekers with disabilities. If you are a qualified individual with a disability or a disabled veteran, you may request a reasonable accommodation if you are unable or limited in your ability to use or access the Company's career webpage as a result of your disability. You may request reasonable accommodations by sending an email to [email protected].

Forcepoint is a Federal Contractor. Certain positions with Forcepoint require access to controlled goods and technologies subject to the International Traffic in Arms Regulations or the Export Administration Regulations. Applicants for these positions may need to be "U.S. Persons," as defined in these regulations. Generally, a "U.S. Person" is a U.S. citizen, lawful permanent resident, or an individual who has been admitted as a refugee or granted asylum.

Applicants must have the right to work in the location to which you have applied.