FULL TIME
Role: Security Operations Engineer
Location: Hybrid/Fort Worth, TX or Midtown, NYC
Salary: $145K + 20% Bonus - No H1
Job Description:
As a Security Operations Engineer at OHA, you will be instrumental in protecting our organization's digital assets through proactive threat detection, vulnerability management, remediations, and incident response. You will work closely with the Security Operations team and broader Technology organization to identify, assess, and remediate security threats while ensuring rapid and effective response to security incidents. You are technically skilled, analytical, and thrive in a fast-paced environment where you can apply your security expertise to defend against evolving cyber threats.
Responsibilities
• Lead vulnerability assessment programs, including regular scanning, penetration testing, and security architecture reviews
• Design and implement security monitoring solutions to detect and alert on potential threats and anomalous activities
• Establish KPIs and reporting mechanisms to track program effectiveness and security posture improvements
• Actively participate in incident response activities including threat detection, investigation, containment, and remediation of security events across the enterprise environment
• Create vulnerability management processes including:
o Asset discovery and classification
o Automated scanning and assessment workflows
o Risk-based prioritization models
o Remediation tracking and verification
o Exception management procedures
o Stakeholder reporting and metrics
• Develop comprehensive security runbooks and standard operating procedures (SOPs) for routine security operations, incident response scenarios, and critical security events
• Drive continuous improvement of security monitoring capabilities, including use case development, alert tuning, and automation of response procedures
• Maintain and regularly update runbooks to reflect new threats, tools, and procedures
• Maintain and implement Mobile Device Management (MDM) and mobile security configurations
• Coordinate with IT teams to establish patch management processes and security hardening standards
• Build partnerships with business units to ensure vulnerability management aligns with business objectives
• Manage or participate in security projects aimed at improving the overall security posture of the firm
• Participate in on-call rotation for security incident response
• Be involved in any other security-related tasks, as directed by management
Qualifications
• Minimum of 4 years' hands-on experience in security operations, threat management, or vulnerability management
• Strong understanding of risk management frameworks and security best practices
• Proven experience creating and maintaining technical documentation, runbooks, and process workflows
• Track record of investigating and responding to security incidents in complex environments
• Deep understanding of cyber threats, attack methodologies, and defensive strategies
• Experience with security program metrics and executive reporting
• Excellent technical writing skills with ability to create clear, detailed procedures
• Strong analytical and problem-solving skills with ability to work under pressure
• Excellent stakeholder management and communication skills
• Ability to lead projects and initiatives while contributing effectively to team objectives
Technical Requirements
• Advanced-level experience with vulnerability management platforms and SIEM tools
• Strong knowledge of security frameworks (NIST, CIS, ISO)
• Proficiency in vulnerability assessment tools and methodologies
• Experience with threat intelligence platforms and integration
• Strong scripting abilities (PowerShell, Bash, Python) for security-related tasks
• Experience documenting complex technical procedures and creating automated workflows
• Extensive knowledge of Windows security, Office365, and cloud security concepts
• Hands-on experience with ITIL-based ticketing systems (ServiceNow preferred)
• Demonstrated ability to translate technical processes into clear, actionable documentation
Preferred
• Experience with runbook automation tools and platforms
• Experience managing security programs in financially regulated industries
• Bachelor’s degree in Computer Science, Cybersecurity, or a related field
• Industry certifications: CISSP, GCIH, GCIA, CEH, or OSCP
• Active participation in security communities and continuing education
well-being and addressing the needs of our investors, business and communities is and will remain unwavering.