Security Operation Engineer (SecOps)

Context

We are supporting a fast-growing tech company operating at scale, with strong security and reliability requirements.

The Security Operations team plays a central role in protecting the platform, ensuring continuous monitoring, rapid incident response, and effective vulnerability management across a modern cloud-native environment.

The company operates in a high-traffic, international context, with increasing exposure to security threats and a need for strong operational excellence.

Mission

The consultant will join the Security Operations team and contribute to the day-to-day protection of the platform.

Security Monitoring & Detection

• Monitor security tools and dashboards to detect suspicious activity

• Triage alerts from SIEM, EDR, and detection systems

• Investigate and respond to incidents using established playbooks

• Improve detection rules and reduce false positives

• Troubleshoot log ingestion and alert configuration issues

Incident Response

• Prioritize and handle security alerts based on impact and severity

• Conduct root cause analysis and contribute to post-incident reviews

• Coordinate with engineering, infrastructure, and other teams

• Participate in on-call rotations if required

Vulnerability Management

• Analyze outputs from vulnerability scanning tools

• Assess risk based on exploitability and business impact

• Track remediation and follow up with relevant stakeholders

Tech Environment

• Cloud: GCP (primary), AWS

• Security: Google SecOps (SIEM), Wiz, Adaptive Shield, Trufflehog

• Infrastructure: Kubernetes, Terraform

• Observability: Datadog

• Identity & Access: Okta

• Edge Security: Cloudflare, Zscaler

• DevOps: GitHub, CircleCI

• Collaboration: Jira, Confluence

Profile

• Strong experience in Security Operations / SOC environments

• Hands-on experience with SIEM tools (Google SecOps is a plus)

• Solid understanding of incident response and alert triage

• Experience in vulnerability management and CVE analysis

• Familiarity with MITRE ATT&CK and common attack patterns

• Experience in cloud-native environments (GCP or AWS)

• Good understanding of network and endpoint security

• Strong analytical mindset and structured investigation approach

• Fluent English required

Nice to have

• Experience with threat intelligence platforms

• Scripting or automation (Python, TypeScript…)

• Background in scale-up or high-growth environments