Galaxy is a global leader in digital assets and data center infrastructure, delivering solutions that accelerate progress in finance and artificial intelligence. They are seeking a collaborative and experienced Security Engineer to oversee the operations of the Security Operations Center, manage cybersecurity threats, and develop automation scripts to enhance security processes.
Responsibilities:
- SOC Operations & Management: Oversee and manage the day-to-day operations of the Security Operations Center, including monitoring, analyzing, and responding to security alerts and incidents
- Threat Detection & Response: Identify, investigate, and respond to cybersecurity threats using advanced monitoring tools, SIEM platforms, and other security technologies
- Incident Management: Lead or support incident response activities, including root cause analysis, mitigation, and post-incident reporting
- Custom Scripting & Automation: Develop and maintain custom scripts (e.g., in Python, PowerShell, Bash) to automate security processes, improve threat detection, and streamline incident response workflows
- Security Monitoring & Analysis: Analyze logs, network traffic, and system behavior to detect potential security breaches or anomalies
- Tool Implementation & Optimization: Support the deployment, configuration, and optimization of security tools such as SIEM, SOAR, IDS/IPS, firewalls, and endpoint detection and response (EDR) solutions
- Collaboration with Teams: Work closely with IT, DevOps, and other security teams to ensure consistent security practices and to implement protective measures
- Security Policies & Procedures: Participate in the development and maintenance of security policies, procedures, and best practices
- Training & Mentoring: Provide guidance and mentorship to junior team members and contribute to the continuous improvement of the SOC team
Requirements:
- Experience working in or running a SOC
- Strong scripting skills in Python, PowerShell, Bash, or similar languages, with experience in automating security tasks
- Experience with on-prem firewall rules and configuration (Palo)
- Experience with various on-prem and Cloud environments (VMware, AWS, Azure)
- Experience with security log/analysis tools such as Splunk, ELK, SumoLogic, or similar SIEM platforms
- Experience with XDR, DLP, and UBA tools and concepts (Cortex, CrowdStrike, etc.)
- Good understanding of network protocols and system security
- Windows and Linux experience
- Experience with CI/CD and DevOps practices
- Strong problem-solving and analytical skills
- Familiarity with version control (Git)
- Excellent communication and collaboration skills