The Senior Engineer - Enterprise Security Operations supports the CSL Information Security Program in the key areas of information threat detection, response and remediation, as part of a team of security operations professionals. The focus of this engineering position is to assist with level 3 incident response activities and forensics analysis, and to participate in the development, implementation and operations of all preventative and detection security controls and reporting. This position reports to the Senior Manager, Security Operations. With some guidance, this engineer is a key contributor to the technical and operational success of the overall Information Security Program and leads security incident response and forensics activities while learning the skills to become a leader in these activities.
Main Responsibilities and Accountabilities
1) Supports and helps improve the CSL Global Information Security Program and the Enterprise Security Operations programs.
2) Participates in the development, operations, and improvement of the CSL Continuous Monitoring Program, Security Information and Event Management (SIEM), and all related tools and processes.
3) Responds as the technical support for detected security threats, contributes to the coordinated management of the response activities, and develops incident reports as part of a 24x7 security operations team.
4) Provides technical expertise and response activities, while collaborating with vendor-supplied technical support and other subject matter experts.
5) Participates as technical security support and coordinates with technical teams to respond, continually assess, and improve these security operations:
6) With some guidance, provides on-demand and scheduled investigations of security threats and compromised systems.
7) Collaborates on security controls and tool efficacy analysis, and provides feedback on areas of improvements for strategic attention.
8) Participates in the development of the Enterprise Security Operations team, and helps to grow its capabilities, experience and expertise.
9) Contributes to security reports, dashboards and alerts to create an overall situational awareness of the threats to CSL.
10) Supports the development of metrics and reporting to provide continuous improvements for all Security Operational controls and processes.
11) Reviews and supports the enhancement of all Security Policies, Procedures, Guidelines and Standards.
12) Utilizes available training, peer knowledge transfer and other publicly available curriculum to continually improve subject matter expertise and professional development.
Bachelor’s degree or equivalent experience. Educational concentration in a computer-based discipline (e.g. Computer Science, Information Systems) or a technical discipline (e.g. Engineering, Mathematics) is preferred.
CISSP/ISC2, GIAC, ISACA or related technical security certifications are desirable.
Security Appliances, Scripting/Programming, and/or Operating System certifications.
The level of core competencies will be based on level of role.
Candidate will have expertise and significant skills in two or more of the following technical disciplines:
Penetration and Vulnerability Testing
Security Information and Event Management (SIEM)
General Security Knowledge
The level of core skills will be based on level of role.