Information and Cyber Security Operations Engineer - RSM

Key Responsibilities

• Monitor security alerts and events using SIEM platforms, ensuring timely detection of potential threats.
• Investigate and respond to security incidents, performing root‑cause analysis and remediation.
• Conduct proactive threat‑hunting activities and develop detection rules to improve coverage.
• Collaborate with the Managed Security Service Provider (MSSP) to fine‑tune monitoring processes and escalation procedures.
• Automate repetitive tasks and incident workflows using Python scripting and other automation tools.
• Maintain security posture of cloud environments (e.g., AWS) and on‑premise infrastructure.

Requirements

• 3+ years of experience in security operations, incident response, or related roles.
• Hands‑on experience with SIEM solutions (e.g., Splunk, QRadar, ArcSight).
• Strong scripting skills, preferably Python, for automation and log analysis.
• Solid understanding of networking, Windows and Linux operating systems, and cloud security fundamentals.
• Relevant certifications such as CISSP, GSEC, or equivalent are a plus.