Security Operations Engineer

United States - DC Metro Area

The ThreatQuotient mission is to improve the efficiency and effectiveness of security operations through a data-driven threat intelligence platform. By integrating an organization’s existing processes and technologies into a single security architecture, ThreatQuotient accelerates and simplifies investigations and collaboration within and across teams and tools. Through automation, prioritization and visualization, the ThreatQuotient solutions reduce noise and highlight top priority threats to provide greater focus and decision support for limited resources. ThreatQuotient is headquartered in Northern Virginia with international operations based out of Europe, APAC and MENA. For more information, visit


Occasional travel to our corporate headquarters in Ashburn, Virginia and Mt Airy, Maryland will be required.

Job Functions:

  • Manage the Governance, Risk, and Compliance program by maintaining and developing policies, ensuring the organization complies with internal policies, and determining the risk profile of vendors and current systems.
  • Act as SME and lead for SOC2 and security audits.
  • Analyze and monitor internal tools, and hunt for threats against company data and infrastructure.
  • Install, maintain, operate, and troubleshoot complex computer systems hardware and software problems, including Firewalls, IPS, Next Generation Endpoint protection, SOAR integrations, and SIEM solutions.
  • Incident Investigation: Conduct in-depth investigations into suspicious activities, anomalies, and security incidents to determine the nature and scope of the threat.
  • Forensic Analysis: Utilize digital forensics tools and techniques to gather, analyze, and preserve evidence related to security incidents. Maintain detailed documentation of all forensic analysis, including findings, methodologies, and evidence, ensuring its admissibility in legal proceedings if necessary.
  • Analyze and dissect malware samples to understand their functionality, propagation methods, and potential impact on the organization.
  • Stay informed about emerging threats, attack vectors, and vulnerabilities.

Mandatory Skills:

  • Extensive knowledge of Linux (RHEL, Ubuntu), Windows, and macOS platforms
  • In-depth knowledge of AWS and cloud security principles
  • Expertise in IAM and access control architectures (SAML / OIDC / OAuth2)
  • Bash scripting experience and strong knowledge of at least one modern high-level language (Python, Go, Rust, etc.)
  • Competency in IaC languages like Terraform and Ansible
  • Excellent written and verbal communication skills
  • Strong troubleshooting and critical-thinking skills
  • Highly self-motivated and directed
  • Proven analytical and problem-solving abilities
  • Ability to prioritize effectively
  • Ability to work both independently and in a collaborative environment
  • Ability to learn new technologies quickly

Applicant should possess:

  • A minimum of 5 years' experience in Linux systems administration
  • A strong understanding of network and hardware security principles
  • A working knowledge of networking protocols and systems
  • Experience performing security incident response and mitigation
  • Familiarity with Vulnerability Management systems
  • Experience with EDR tools and incident response


Bachelor’s degree from four-year college or university or equivalent training, education, and experience in information / cyber security, computer systems, IT, etc. or equivalent military experience required.

Perks of the Job

• Medical Insurance

• Dental Insurance

• Vision Insurance


Interested?! Talk with a Recruiter to Set Up an Interview

To apply to this position, please send your resume to

ThreatQuotient, Inc. is an Equal Opportunity Employer and does not discriminate, nor will tolerate discrimination, on the basis of race, age, color, religion, sex, sexual orientation, ethnic or national origin, or handicap or disability.