Security Operations Engineer
Req number: R6553
Employment type: Full time
Worksite flexibility: Remote
Who we are
CAI is a global technology services firm with over 8,500 associates worldwide and a yearly revenue of $1 billion+. We have over 40 years of excellence in uniting talent and technology to power the possible for our clients, colleagues, and communities. As a privately held company, we have the freedom and focus to do what is right, whatever it takes. Our tailor-made solutions create lasting results across the public and commercial sectors, and we are trailblazers in bringing neurodiversity to the enterprise.
Job Summary
As a Security Operations Engineer, you will provide firewall configuration, incident response and troubleshooting on mail flow for our clients.
Job Description
We are seeking a skilled Security Operations Engineer with expertise in firewall configuration, incident response processes, and troubleshooting mail flow issues. The ideal candidate will have a strong technical background, excellent problem-solving skills, and the ability to work both independently and collaboratively to ensure the security and functionality of IT systems. This position is focused on delivering measurable outcomes tied to operational performance, incident handling, and incremental improvements.
This is a remote, salaried, full-time opportunity.
Due to the specific legal and contractual requirements associated with this position, only U.S. citizens will be considered for this role.
What You'll Do
Firewall Configuration:
Analyze and digest configurations from one firewall brand and apply equivalent configurations to another brand, ensuring seamless functionality and security
Implement, manage, and troubleshoot firewall rules to support business needs while maintaining security standards
Incident Response:
Monitor and respond to alerts for risky user activity, performing the full incident response (IR) lifecycle
Conduct log analysis to identify suspicious or malicious activity
Lead containment and remediation actions with a focus on minimizing impact and resolving issues efficiently
Document chain of custody during forensic investigations and provide technical reports post-incident
Collaborate with IT and security teams to improve detection and response capabilities
Mail Flow Troubleshooting:
Diagnose and resolve mail flow issues in Microsoft 365 and third-party email filtering systems
Review logs and configurations to identify and address disruptions in email delivery
Implement changes and updates to ensure optimal email performance and security
Operational Improvements:
Perform regular security tuning and hygiene tasks to optimize SIEM, EDR, and identity detection systems, reducing false positives
Deliver measurable improvements in endpoint coverage, IAM hygiene compliance, and vulnerability closure rates
Maintain and update SOPs/playbooks, ensuring accurate documentation and knowledge transfer to Tier 1/2 staff
Collaboration and Training:
Conduct knowledge transfer sessions and provide training to junior staff as needed
Participate in quarterly tabletop exercises to enhance readiness, document findings, and identify opportunities for improvement
Deliverables:
Updated SOPs and knowledge transfer materials
What You'll Need
Required:
Minimum of 5 years of experience in firewall configuration, management, and troubleshooting across multiple brands
Strong understanding of incident response processes, including log analysis, containment, and remediation
Hands-on experience with Microsoft 365 and third-party email filtering systems for mail flow troubleshooting
Proficiency in SIEM and EDR systems, with demonstrated ability to reduce false positives and improve detection accuracy
Familiarity with IAM role compliance and vulnerability remediation
Solid understanding of network security principles and best practices
Excellent problem-solving skills and the ability to work under pressure
Strong communication skills, both written and verbal, with the ability to document processes and findings effectively
Preferred Qualifications:
Relevant certifications such as CISSP, CEH, or equivalent
Experience with cloud networking solutions and advanced forensic analysis tools
Working knowledge of Adobe Acrobat and Excel for documentation and reporting purposes
Physical Demands
Ability to safely and successfully perform the essential job functions consistent with the ADA and other federal, state, and local standards
Sedentary work that involves sitting or remaining stationary most of the time with occasional need to move around the office to attend meetings, etc.
Ability to conduct repetitive tasks on a computer, utilizing a mouse, keyboard, and monitor
Limited travel may be required
Reasonable accommodation statement
If you require a reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employment selection process, please direct your inquiries to application.accommodations@cai.io or (888) 824-8111.
The pay range for this position is listed above. Exact compensation may vary based on several factors, including location, experience, and education. Benefit packages include medical, dental, and vision insurance, as well as 401k retirement account access. Employees in this role receive paid time off and may also be entitled to paid sick leave and/or other paid time off as provided by applicable law.
Security Engineer • Salt Lake City, UT, United States