Cybersecurity Operations Specialist

We are seeking a skilled Cybersecurity Operations Specialist to join our team. This role is responsible for managing the daily security operations, including triage of alerts, investigation of events, and containment of incidents.

The ideal candidate will have at least 5 years of experience in security engineering, with expertise in SIEM, MDM, systems hardening, and practical cloud security. They will also have hands-on experience with cloud platforms, such as AWS, Google, or Azure.

Key responsibilities include:

• Managing detection rules, playbooks, and runbooks to reduce false positives and mean time to resolve (MTTR)
• Troubleshooting users on issues with security tooling
• Reviewing and hardening AWS security services, including IAM/SCPs, GuardDuty, Security Hub, CloudTrail/Config, KMS, and WAF
• Operating MDM for device compliance, disk encryption, patching, and baseline configurations
• Implementing new security technologies and integrations, and documenting deployments and handoffs

The successful candidate will be able to work across time zones when needed, have a solid understanding of computing systems and their operations, and be able to work in a team environment.

We offer a competitive compensation package, opportunities for professional growth, and a dynamic work environment.

Responsibilities:
• Triage alerts, investigate events, and drive incidents through containment, eradication, and post-incident review
• Maintain detection rules, playbooks, and runbooks; continually reduce false positives and MTTR
• Troubleshoot users on issues with security tooling
• Tools & Controls
• Review and harden AWS security services (e.g., IAM/SCPs, GuardDuty, Security Hub, CloudTrail/Config, KMS, WAF)
• Operate MDM for device compliance, disk encryption, patching, and baseline configurations
• Operate AV/EDR and firewall policies; support enterprise browser security policies and extensions
• Harden Cloud services and partners (DLP, context-aware access, OAuth app controls, group/SSO hygiene, 2SV/passkeys)
• Conduct POCs and evaluation on security tools for adoption
• Support IT operations when needed
Engineering & Enablement
• Implement new security technologies and integrations; document deployments and handoffs
• Create security automations for tooling
Risk & Posture
• Support asset/inventory accuracy, least-privilege access reviews, and change control
• Assist with security reviews, vendor risk, and audit evidence for SOC 2/ISO 27001-style controls
Requirements
Must Have
At least 5 years of security engineering background and experience with at least one of the following: SIEM, MDM, Systems hardening, Practical Cloud Security
Experience in tool lifecycle implementation - from Proof of Concept through integration and till decommissioning
Ability to work across time-zones when needed
Solid understanding of computing systems and their operations
Ability to work in a team and flexible deliverables
Nice to Have
Hands-on experience with cloud platforms (AWS/Google/Azure)
Experience with security automation
First hand experience with development of security processes
IT Background
Interview Process
CV Screening - We will review your application based on the qualifications and experience outlined above
Screening Interview with Cybersecurity team member- A conversation to assess general fit and engineering experience
Test Assignment Review - You'll be given a technical task reviewed by the team
Technical Interviews - Discussions with cybersecurity team and IT focused on system design, processes and approach
Final Interview with the CIO - A concluding discussion to evaluate cultural fit, strategic alignment, and how you resonate with the firm's values
Throughout the process, you'll be assessed for cultural fit through our company values:
• Drive - We seek people whose passion fuels relentless growth and a pursuit of excellence
• Ownership - We value those who take initiative and treat the company's goals as their own
• Judgment - We value individuals who focus on what matters and consistently drive meaningful results
• Openness - We believe in honest dialogue, constructive challenge, and shared learning
• Competence - We work with people who can thrive in fast-changing environments
• Resilience - We stay calm under pressure, adapt quickly, and learn from setbacks
Seniority level
Associate
Employment type
Full-time
Job function
Industries IT Services and IT Consulting