IT Senior SOC Engineer | MAA Corporate Office
The IT Senior SOC Engineer reports to the IT Security Manager and monitors, builds and maintains network security systems and architecture for the company; partners with other IT teams to deliver IT security and keep systems optimally up to date; documents security requirements, procedures, and protocols to ensure users have the correct resources; resolves day-to-day incidents and requests submitted by customers; and escalates tickets for logs or cases derived from the SIEM or other security solutions.

The successful candidate will embody and work to reinforce MAA's Core Values. Those values include:
- Appreciating the uniqueness of each individual
- Communicating openly and with integrity
- Embracing opportunities
- Doing the right thing at the right time for the right reasons

Duties And Responsibilities
- Administers and maintains industry-leading security tools; performs system management and rules development.
- Conducts security vulnerability assessments including, but not limited to, vulnerability scanning, compliance auditing, impact analysis, and risk assessments.
- Ensures security log flow from various security devices and appliances to the SIEM (Security Information and Event Management) system.
- Configures advanced system views and reports within the SIEM to prioritize and monitor security events, so that incidents can be analyzed and mitigated before they escalate.
- Engages in the incident response lifecycle to mitigate, circumvent, and prevent attacker objectives; includes validation and authorship of use cases and functions leveraging event data, SIEM log analysis, and network data analysis tools.
- Checks and monitors alarms and audit logs to identify and remediate potential security threats; receives escalated, more complex issues from other team members.
- Prepares weekly and monthly reports for distribution, review and potential follow-up actions.
- Conducts advanced analysis of email headers and envelopes.
- Analyzes and remediates associate-reported suspicious email; receives escalated, more complex issues from other team members.
- Addresses associate-reported encrypted-email issues.
- Creates and tests new policies per company requirements.
- Participates in the policy and procedures review process.
- Maintains compliance for the company; ensures the effects of changes align with, and continue to satisfy, the company's Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM) and Domain-based Message Authentication, Reporting and Conformance (DMARC) records.
- Develops and recommends changes within the networks and/or systems to ensure adherence to security policies.
- Handles IT change requests for configuration and network communication issues (Active Directory, DNS, and network issues).
- Learns and adapts to the latest network and security technologies, driving the continuous process improvement cycle and developing new efficiencies and automation improvements for the team.
- Creates playbooks to increase incident response accuracy and efficiency; may review and recommend approval of other team members' work.
- Initiates, responds to and resolves cybersecurity cases and escalations.
- Composes and drafts security alert notifications for distribution via Internal Communications.
- Performs other related duties as assigned to meet the needs of the business.
Required Qualifications
- Bachelor's degree in Information Technology, Computer Science, or a related field, or an equivalent combination of experience, education and certifications/licenses, required
- Three (3) to five (5) years of job-relevant work experience within the IT security industry required
- Professional-level experience in two (2) or more of the following required:
  - Security Information and Event Management (SIEM)
  - Content filters or email protection systems
  - Firewalls
  - Vulnerability and compliance scanners
  - Network traffic flow devices
  - Systems knowledge of Windows
  - Systems knowledge of virtual machine platforms

Preferred Qualifications
- Experience in a corporate IT environment developing and maintaining IT security solutions preferred

Knowledge, Skills, And Abilities
- Knowledge of IT security management processes including, but not limited to: risk management, security planning, IT security control implementation, testing, and logical access controls
- Knowledge of troubleshooting Microsoft Outlook issues, internet fundamentals, network routing, email delivery, and security
- Knowledge of DNS fundamentals as they relate to Active Directory and Microsoft Exchange
- Skill in managing tickets/issues, follow-up, and closure processes (including receiving escalated, complex issues from other IT team members and/or collaborating with system administrators)
- Skill in analysis and investigation of issues based on tracking information
- Skill in analyzing email headers for investigation and in identifying email attachments of prohibited file types
- Skill in analysis of spam, phishing, spoofed, and blacklisted domains
- Skill and ability to communicate clearly and concisely, verbally and in writing, with team members and customers
- Skill in applying critical thinking, analysis and problem-solving methods
- Skill in managing projects, organizing, prioritizing, and meeting deadlines
- Skill in working under a minimal level of supervision or oversight

Physical And Environmental Requirements
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.
- While performing the duties of this job, the employee is regularly required to talk or hear; the employee frequently is required to stand; walk; use hands to finger, handle or feel; and reach with hands and arms.
- This position requires the ability to occasionally lift office products and supplies, up to 20 pounds.
- This job operates in a professional office environment; this role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines.

Disclaimer
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.