IT Security Engineer I

Security Operations (60%)

• Manage and triage the security ticket queue, ensuring timely response to security incidents and requests

• Respond to security alerts from EDR, SIEM, email security tools, and other monitoring systems

• Investigate and respond to phishing reports, analyzing email headers, embedded content, and malicious links

• Assist with malware analysis using sandboxing tools and containment when necessary

• Assist with documentation of incident response activities and execute security playbooks

• Participate in security incident response activities, including after-hours on-call rotation

Engineering Support (30%)

• Provide engineering support for security infrastructure projects

• Assist in implementation and maintenance of security tools and technologies

• Support vulnerability management activities by coordinating with asset owners on remediation efforts

• Maintain security tool best practice configurations in Microsoft 365, Azure, and on-premises environments

• Identify opportunities for automation scripts to handle repetitive security tasks, and assist in their development

Learning and Development (10%)

• Participate in training and professional development to advance security skills

• Stay current on emerging threats, vulnerabilities, and security technologies

• Contribute to security documentation and knowledge base articles

Technical Skills

• Microsoft Technologies: Strong working knowledge of Windows Server, Active Directory, Microsoft 365, and Azure cloud services

• Networking Fundamentals: Understanding of TCP/IP, DNS, DHCP, VPN, the OSI model, and common network protocols

• Logging and SIEM: Basic ability to read, search, and query logs; familiarity with log sources and common security events

• Email Security: Understanding of email flow, SMTP protocol, and email security concepts including SPF, DKIM, and DMARC

• Phishing Defense: Ability to identify phishing attempts, analyze suspicious emails, and understand common attack vectors

• Endpoint Security: Basic understanding of EDR tools and endpoint protection concepts

• Vulnerability Management: Awareness of common vulnerabilities (CVE), scanning tools, and remediation processes

Professional Skills

• Strong analytical and problem-solving abilities

• Excellent written and verbal communication skills for interacting with users and technical teams

• Ability to prioritize multiple tasks in a fast-paced environment

• Detail-oriented with strong documentation habits

• Customer service mindset when working with internal stakeholders

Education and Experience

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field (or equivalent experience)

• 1-3 years of experience in IT systems administration, cloud engineering, or related technical role

• Security-focused experience preferred but not required for candidates with strong technical fundamentals

• Security certifications (Security+, Azure Security Engineer Associate, or similar) are a plus

Preferred Skills

• Experience with PowerShell or Python scripting

• Familiarity with Azure security services

• Basic understanding of Linux/Unix systems

• Knowledge of web security concepts (proxies, certificates, HTTPS)

• Experience with ticketing systems

• Understanding of Data Loss Prevention (DLP) concepts