Description:

Resilience is seeking a Senior Security Operations Engineer to join the Information Security team, focusing on defending endpoints and the SaaS platform.
The role involves automating and scaling security workflows under the guidance of the Director of Security Operations.
Responsibilities include managing SIEM ingestion, refining detections, response automation, SOAR playbook development, and maintaining technical documentation.
The engineer will collaborate with various teams such as IT, Engineering, DevOps, and Business Operations to ensure timely and actionable security outputs.
The position will also involve enabling and automating Threat Hunting, GRC, and Security Architecture workflows as the program scales.
Key tasks include developing dashboards, automations, and SOAR playbooks, serving as a system owner for the SIEM, and participating in security investigations and architecture reviews.

Requirements:

Candidates must have a Bachelor's degree or equivalent work experience of 5-10 years.
Intermediate knowledge of scripting languages like Python and Bash is required, along with familiarity with log formats, parsing, and collection.
Experience as a power user of a SIEM is necessary, with a preference for SumoLogic or other leading platforms.
Strong writing and communication skills for both business and technical stakeholders are essential.
Experience with Endpoint Detection and Response (EDR) tools, such as Crowdstrike, is required.
Candidates should have experience with Amazon Web Services and other public clouds.
Experience in securely integrating systems via APIs is necessary, including both off-the-shelf and custom integrations.
SOAR playbook development experience is highly desirable.
Experience working in a Security Operations Center (SOC) is also highly desirable.
Relevant certifications in Security Operations, Automation, and Digital Forensics are a plus but not required.