Operations Security Engineer

We are looking for an experienced Operations Security Engineer to strengthen the security measures of our infrastructure, whether it is on-premises or in the cloud, with a specific focus on GCP. Your main responsibilities will include utilizing your automation tools proficiency, scripting skills, and knowledge of security best practices to conduct regular assessments, uphold secure configurations, and react to potential security threats. Additionally, you will actively partake in maintaining and enhancing our Security Information and Event Management (SIEM) solution.

• Please take note that this job requires being in the Zurich office three days a week.

Key Responsibilities

Data Center & Cloud Security

• Enhance and uphold security controls in on-premise data centers and various cloud platforms such as Google Cloud Platform (GCP), Amazon Web Services (AWS), and Microsoft Azure.
• Collaborate closely with DevOps, IT, and engineering teams to ensure secure configuration and deployment of services.

Automation & Scripting

• Develop and sustain automation scripts utilizing Terraform, Ansible, Python, and Bash to streamline security operations.
• Integrate infrastructure-as-code (IaC) principles to enhance consistency and reproducibility.

Security Assessments

• Regularly carry out security audits and vulnerability assessments of servers, network devices, and cloud resources.
• Offer recommendations and implement strategies to mitigate identified risks and vulnerabilities.

Network Security & Inventory Management

• Lead network segmentation initiatives to reduce the attack surface and control potential breaches.
• Supervise hardware and software inventory management to ensure compliance with security standards.

SIEM Operations

• Manage daily SIEM tasks including log ingestion, developing correlation rules, and real-time monitoring.
• Analyze alerts, investigate security incidents, and escalate or address them as necessary.

Collaboration & Best Practices

• Collaborate across various teams such as IT, DevOps, and Incident Response to align security goals and best practices throughout the organization.
• Contribute to developing and maintaining security policies, procedures, and documentation.

Qualifications

Education & Experience

• A Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent work experience.
• A proven track record in operations security, with a significant emphasis on on-premises data centers and cloud environments.

Technical Skills

• Extensive experience in deploying, operating, and optimizing Elastic SIEM within the Elastic Stack (ELK), handling log ingestion, alerting, and event correlation.
• Mastery of Kibana for data visualization, querying, and building dashboards to support threat detection and incident response.
• Hands-on experience working in a Security Operations Center (SOC) or a similar security-oriented environment.
• Proficiency in configuration management and automation tools (Terraform, Ansible), scripting (Python, Bash), and command-line interfaces.
• Profound understanding of security assessment methodologies including vulnerability scanning, penetration testing, and configuration audits.
• Well-versed in network security best practices, like network segmentation strategies, firewall configurations, and related security measures.
• Knowledge of blockchain and cryptocurrency technologies is beneficial.
• Experience in fine-tuning base LLM models for security operations is an advantage.
• Familiarity with Digital Forensics and Incident Response (DFIR) is a plus.

Soft Skills

• Excellent problem-solving and analytical skills to interpret security logs and alerts effectively.
• Strong communication skills for collaborating across teams and reporting to stakeholders.
• Exceptional organizational skills and keen attention to detail.