Envoy Global is a proven innovator in the global immigration space. Our mission combines our industry-leading tech platform with holistic service to streamline, simplify and expedite the immigration process for employers and individuals.
We are seeking an Information Security Engineer with experience in Security Operations to support threat detection, incident response, and endpoint and data protection initiatives. The role involves monitoring and investigating security events using EDR and DLP tools, managing security incidents, and collaborating with IT teams to detect, analyze, and remediate security threats while ensuring effective security operations.
As our Information Security Engineer, you will be required to:
- Monitor and analyze security alerts generated from EDR, DLP, SIEM, and other security monitoring tools to detect potential threats.
- Investigate and respond to security incidents such as malware infections, suspicious endpoint activity, phishing attacks, and potential data exfiltration events.
- Perform incident triage, analysis, and escalation in accordance with established incident response procedures.
- Conduct endpoint investigations using EDR tools, analyzing process activity, file changes, and network connections.
- Monitor and investigate DLP alerts to identify potential data leakage or policy violations.
- Troubleshoot security alerts, endpoint agent issues, and security tool-related problems to ensure effective monitoring.
- Manage and track security incidents through ticketing systems, ensuring timely resolution and closure as per defined SLAs.
- Coordinate with IT, network, and infrastructure teams to support incident containment, remediation, and recovery activities.
- Maintain proper documentation of incidents, investigation findings, and remediation actions in security tracking systems.
- Support security tool maintenance, operational improvements, and adherence to security operations governance and procedures.
To apply for this role, you should possess the following skills, experience and qualifications:
- Hands-on experience with Endpoint Detection and Response (EDR) tools such as CrowdStrike, Microsoft Defender, SentinelOne, or similar platforms.
- Experience with Data Loss Prevention (DLP) technologies and investigation of data security incidents.
- Understanding of security incident investigation, threat detection, and endpoint security monitoring.
- Experience with security ticketing systems such as ServiceNow, Jira, or similar tools.
- Familiarity with log analysis, endpoint telemetry analysis, and security event investigation.
- Basic understanding of MITRE ATT&CK framework and common attacker techniques.
- Strong troubleshooting, analytical, and problem-solving skills.
- Good documentation and communication skills for incident reporting and coordination.
- 2–4 years of experience in a Security Operations Center (SOC) or Information Security role.
- Bachelor’s degree in computer science, Information Technology, or a related field.
If this role excites you, please take a moment to complete the questionnaire below and attach your current resume. We look forward to your prompt response.
