Remote
Security Operations Engineer - eBay
Systems Engineer
Security Operations Engineer responsible for monitoring, detecting, and responding to threats across a large e‑commerce platform, leveraging SIEM tools, cloud services, and automation to protect customer data and maintain system integrity.
About the role
Key Responsibilities
- Monitor and analyze security events using SIEM platforms (e.g., Splunk) to identify and triage potential incidents.
- Develop and maintain automated detection and response scripts in Python to accelerate incident handling.
- Conduct threat‑hunting activities and root‑cause analyses to uncover hidden adversary tactics.
- Collaborate with engineering and cloud teams to design and implement security controls for AWS environments.
- Lead incident response efforts, including containment, eradication, and post‑mortem reporting.
- Continuously improve security processes, playbooks, and tooling based on emerging threats and industry best practices.
Requirements
- 3+ years of hands‑on experience in security operations, SOC, or incident response.
- Proficiency with SIEM tools (Splunk, QRadar, etc.) and scripting languages, especially Python.
- Strong understanding of cloud security concepts and experience securing AWS workloads.
- Demonstrated ability to perform threat hunting, log analysis, and forensic investigations.
- Excellent communication skills and the ability to work cross‑functionally in a fast‑paced environment.