Role: Senior SecOps Engineer
Location: Santa Clara, CA, Fully Onsite
Duration: 6 Months Contract-to-Hire
Job Description: We are seeking a hands-on Senior SecOps Engineer to build and manage a comprehensive Vulnerability Management Program. This role focuses on deploying and maintaining tools like Tenable.io (Nessus), CrowdStrike, Fortinet, and SIEM systems to identify and remediate vulnerabilities across networks, systems, endpoints, and Azure cloud environments. Expertise in patch management/automation and aligning security processes with frameworks like NIST and CIS is essential.
Manager Notes:
-
- Vulnerability Management Program: Design and implement a robust Vulnerability Management Program with regular reporting.
- Technical Expertise:
- Vulnerability management tools (CrowdStrike, Tenable.io, Nessus).
- Security automation and network security, including firewalls and MFA configuration.
- SIEM tools for threat detection and response.
- Azure Active Directory, MS Entra, or Okta for identity and access management.
- Endpoint security with a focus on MS Azure cloud environments.
- Incident Response & Ransomware Mitigation: Hands-on experience in handling security incidents, including ransomware prevention and remediation.
- Compliance & Standards: Familiarity with industry standards and frameworks such as:
- NIST 800, NIST 53, or NIST 171.
- CIS Framework for cybersecurity best practices.
- Penetration Testing: Experience in conducting penetration testing to identify and address security vulnerabilities.
Key Responsibilities:
- Lead vulnerability management efforts, including risk assessment, mitigation, and CVE prioritization.
- Automate and oversee patch management across diverse platforms.
- Harden Azure cloud environments and ensure compliance with security standards.
- Implement continuous monitoring and incident detection with tools like CrowdStrike and SIEM.
- Document and report vulnerability statuses, risks, and compliance updates.
Qualifications:
- Minimum 10 years of hands-on experience in Cybersecurity.
- 10+ years in Security Operations with expertise in vulnerability management and risk management.
- Proficiency in tools like io, CrowdStrike, and Fortinet.
- Strong experience in Azure cloud security and patch automation.
- Knowledge of NIST 800, NIST 800-53, NIST 800-171, CIS
- CISSP or CISM certification required.
