Security Operations Engineer

OPPORTUNITY OVERVIEW

ZeroFOX seeks a passionate and highly skilled Security Operations Engineer who is eager to help ensure the security of a rapidly growing SaaS-based security company! This role is a part of the Security & Compliance team and will help drive cross-functional teams to accomplish company-wide information security initiatives that impact all aspects of the business.

Role and responsibilities

• Directly supports ZeroFOXs security posture across the enterprise, focusing on endpoint security and logging/alerting capabilities for the organization.
• Serve as primary engineer for endpoint security, including endpoint security (EDR/AV) tool administration, policy configuration, and alert response, as well as endpoint secure baseline configuration and forensics.
• Provide support for efforts related to monitoring, logging, and alerting, with a focus on automation.
• Conduct security reviews and provide recommendations for internal systems and applications requests.
• Triage and resolve security alerts from internal systems, providing operational support for the team.
• Assist with conducting internal security assessments, prioritizing any gaps, and developing and implementing a prioritized remediation plan.
• Assist with monitoring and reporting of enterprise security posture.
• Assist with ensuring continuous compliance with standards such as NIST, SOC2, etc.

Required qualifications and skills

• Experience performing above responsibilities and developing qualifications typically obtained in 3+ years.
• Strong technical acumen and prior experience as it relates to information security, specifically endpoint security, cloud infrastructure, logging/monitoring/alerting, SIEM, security reviews, and incident response.
• Prior experience triaging, managing, and responding to information security events.
• Prior experience conducting systems and applications security reviews.
• Prior experience successfully interacting with internal and external stakeholders, including non-technical business stakeholders, on matters related to information security.
• Written and spoken fluency in the English language.
• Bachelor’s degree in Computer Science, Information Security, or related discipline, or equivalent experience.
• Ability to travel internationally occasionally (>10%).

Desired qualifications and skills

• Prior experience with email security, forensics, and eDiscovery is a plus.
• Coding ability is a plus.