Cyber Security operation Engineer

1. JOB DESCRIPTION

Job Title

Cybersecurity Operations Engineer – ATFM Security Managed Support (Day 2 Operations)

Job Description & Requirements

Role Purpose

The Cybersecurity Operations Engineer is responsible for the ongoing operational support, monitoring, and compliance activities of the ATFM security environment. The role involves continuous security monitoring, incident response follow-up, vulnerability management, and coordination with multiple internal and external stakeholders to ensure the security posture of the ATFM systems is maintained at all times.

Key Responsibilities

• Security Monitoring & Review Perform regular account and log reviews using Splunk, CyberArk, Trellix, Carbon Black, and other assigned tools. Investigate alerts and anomalies, escalating to the Team Lead or relevant stakeholders where required.

• Incident & Query Handling Follow up on security incidents and queries from HTSOC and GSOC. Coordinate responses with FM Teams (System, Cloud, Network) and tenants (Application owners).

• Vulnerability & Compliance Management Assist in remediation follow-up activities including maintaining and updating the risk register. Support follow-up actions from VAPT (Vulnerability Assessment and Penetration Testing) results. Work closely with the external CISO on security and compliance matters.

• Stakeholder Coordination Liaise with multiple teams to ensure timely resolution of security issues. Participate in operational meetings and provide status updates on open security actions.

• Reporting Prepare and deliver monthly security operation reports to management. Produce ad-hoc reports as requested by the Team Lead or management.

Must be able to respond to high-priority incidents outside standard working hours as part of standby duty

Required Skills & Experience

• Technical Skills: Proficient with security tools such as Splunk (SIEM), CyberArk (PAM), Trellix (endpoint protection), and VMware Carbon Black (EDR). Strong understanding of log analysis, incident investigation, and account privilege review processes.

• Security & Compliance Knowledge: Familiarity with vulnerability management, VAPT processes, and risk register maintenance. Understanding of common security frameworks and compliance requirements.

• Soft Skills: Strong coordination and follow-up abilities with internal teams and external vendors. Good written and verbal communication skills