Description
An Associate Security Operations Engineer is an entry-level, hands-on individual contributor responsible for supporting day-to-day cybersecurity operations. This role focuses on learning and reliably executing established security processes while assisting with vulnerability management, endpoint protection, and basic incident investigation. The engineer works under the guidance of more senior team members, follows documented procedures, and contributes to the maintenance and effectiveness of security tools and workflows as they develop their technical skills and operational experience.
To be effective, an individual must be able to perform each job duty successfully:
- Assist with monitoring, initial triage, and investigation of security alerts across endpoint, network, cloud, and SaaS environments using established tools and procedures.
- Participate in on-call or escalation rotations as required, with guidance and support from more experienced team members.
- Support day-to-day vulnerability management activities, including running scans, validating findings, tracking remediation efforts, and documenting results.
- Assist with tuning and updating security policies and detection rules under direction to help reduce false positives and improve alert quality.
- Support the implementation and operation of data classification, data loss prevention (DLP), and data protection controls based on defined standards.
- Monitor and review data protection alerts and events, escalating potential issues in accordance with documented procedures.
- Help maintain and update security operations documentation, including runbooks, procedures, and operating standards.
- Participate in change management activities related to security tools by reviewing changes, following approval processes, and documenting outcomes.
- Collaborate with Cybersecurity Engineering, Architecture, and Incident Response teams to learn from and provide operational feedback on security tools and processes.
- Assist with audits, assessments, and regulatory activities by gathering evidence and providing basic technical input as directed.
- Stay informed on emerging threats and vulnerabilities through training and team knowledge sharing, applying learned concepts to daily operational tasks.
KNOWLEDGE, SKILLS, & ABILITIES
- 1+ years of progressive experience in cybersecurity operations or a closely related technical security role.
- Experience with vulnerability management programs a plus.
- Some knowledge of data classification, DLP, and data protection concepts.
- Basic analytical and troubleshooting skills with the ability to assess risk and help prioritize response actions.
- Ability to work independently with minimal oversight while collaborating effectively across teams.
- Self-starter with strong problem-solving, organizational, and time management skills.
- Adaptive to change and responds positively to altered circumstances or conditions.
- Possesses a desire and willingness to learn and continually update knowledge on security or business concepts, strategies, systems, etc.
EDUCATION & EXPERIENCE
- Bachelor’s degree in Information Security, Computer Science, or equivalent practical experience.
- Security+, ISC2 CC, A+, Network+, or equivalent certifications. (Preferred)
PHYSICAL ABILITIES / WORKING CONDITIONS
- Physical Demands
- Ability to sit, talk and hear consistently
- Ability to lift up to 10 pounds frequently and up to 25 pounds occasionally.
- Environmental
- There are no unusual environmental factors. Work is conducted in a typical office setting with moderate noise.
***This Job is not eligible to be performed in Colorado or Connecticut, either remotely or in-person.***
