Senior Security Operations Engineer

Summary

Join GLG's Information Security Team as a Senior Security Operations Engineer! Reporting to the VP of Information Security, you will be responsible for maintaining, implementing, and enhancing our security program, safeguarding our cloud infrastructure, systems, applications, and data. You will play a key role in our ISO 27001 program, handling incident response, forensic analysis, vulnerability monitoring, and compliance activities. This role requires strong collaboration skills and a passion for security best practices. The ideal candidate will thrive in a positive team environment and contribute to a secure and compliant organization. This is a remote position based in India.

Requirements

• 5+ years of experience as a security analyst, security operations engineer or in a forensics role
• Strong hands-on network, systems, and application security experience
• Knowledge of security and control frameworks, such as ISO27001/2, NIST, and/or CIS
• Interpersonal and collaborative skills with the ability to communicate security and risk-related concepts to technical and nontechnical audiences
• High level of personal integrity, and the ability to professionally handle confidential matters
• High degree of initiative, dependability and ability to work with little supervision
• Natural passion for security and strong drive to see both projects and investigations to completion
• Enjoys collaborating and working in a team-based environment

Responsibilities

• Perform regular operational security functions, ongoing compliance-related activities, and conduct security assessments across various technologies and third parties
• Internal and external vulnerability identification and remediation
• Act as primary point of contact with our managed security service provider (MSSP)
• Monitor and report on security tools (i.e., SIEM, EDR, IAM, IDS/IPS, vulnerability scanning)
• Manage security incident triage, investigation, and response
• Conduct forensic analysis and evidence collection
• Perform compliance related tasks such as privileged access reviews and change monitoring
• Track operational metrics related to alerts, incidents, and vulnerabilities
• Execute information security reviews against infrastructure, applications, and vendor services
• Participate in various programs and initiatives supporting the further implementation of the company's information security policies and standards
• Be a positive advocate for security best practices and awareness throughout the company