Security Operations Engineer I
The Security Operations Engineer provides daily incident response and
24x7 support for the operational availability of Kirkland's security
infrastructure. Responsibilities include monitoring and investigating
security alerts, implementing new security technologies, day-to-day
operations, and change management of all deployed security technologies.
ESSENTIAL FUNCTIONS (This list is not exhaustive and
may be supplemented and changed as necessary.)
• Analyze potential infrastructure security incidents to determine whether an incident qualifies as a legitimate security breach.
• Monitor and correlate security event log information to identify and detect anomalous activity.
• Document and conform to processes related to security monitoring, patching, and incident response.
• Use current tooling and techniques to hunt for unknown threats in the environment.
• Appropriately inform and advise management on incidents and incident prevention.
• Participate in knowledge sharing with other analysts and develop solutions efficiently.
• Upgrade security systems by monitoring the security environment, identifying security gaps, and evaluating and implementing enhancements.
• Enhance department and organization reputation by delivering quality results and exploring opportunities to increase the value and raise awareness of the Information Security Program.
• Partner closely with IT and business teams across the Firm to implement secure solutions that reduce business risk by ensuring confidentiality, integrity, and availability.
Education, Work Experience, Skills
• Bachelor's degree required, preferably in cybersecurity or another IT-related field.
• At least four (4) years in an IT-related field or at least two (2) years working in cybersecurity required. Experience in an MSSP or SOC preferred.
• Programming and scripting skills such as PowerShell, Python, etc. preferred.
• Microsoft Outlook, Word, and Excel required.
• Experience investigating security incidents using various security tools, including EDR tools such as CrowdStrike, SentinelOne, etc., required.
• Experience with Security Information and Event Management (SIEM) platforms such as LogRhythm, Splunk, etc. preferred. Experience should include event analysis, log collection/management, alert generation, investigations, and reporting.
• Experience using file sandbox technology to detonate and analyze potentially malicious documents and executables preferred.
• Experience with other security-related technologies, including Intrusion Prevention/Detection Systems, Firewalls, Content Filtering Technology, and Vulnerability Scanning/Management Solutions, preferred.
Certificates, Licensures, Registrations
• CompTIA Security+, Network+, Cybersecurity Analyst (CySA+)
• GIAC Information Security Fundamentals (GISF) or Security Essentials Certification (GSEC)
• Certified Information Systems Security