Senior Security Operations (Secops) Engineer

Samsung SDS America (SDSA) serves as the U.S. technology and innovation hub for Samsung's global enterprise solutions, delivering secure, scalable, and high‑performance IT services that support some of the world's most complex business environments. As SDSA continues to expand its cloud, mobility, analytics, and cybersecurity capabilities, maintaining a resilient security operations foundation is essential to protecting the company's digital assets and ensuring uninterrupted service delivery. This need for operational rigor and real‑time threat defense creates the environment in which the Security Operations Engineer plays a critical role.

The Senior Security Operations Engineer leads project‑focused initiatives that advance SDSA's security posture, rather than handling routine ticket resolution. The engineer drives end‑to‑end delivery of security‑control automation, threat‑management platforms, and governance frameworks while maintaining day‑to‑day operational integrity. Core responsibilities span strategic program leadership, real‑time threat detection & response, and security‑control optimization.

Responsibilities:

• Lead Security‑Operations Projects- Own the full lifecycle of multi‑disciplinary security projects (e.g., SIEM migration, DLP automation, Secure‑Web‑Gateway hardening), from requirements gathering and stakeholder alignment to design, implementation, testing, and post‑deployment review.
• Architect & Enforce Control Governance- Develop and maintain detailed runbooks, playbooks, and SOPs that codify security‑control configuration, change‑control processes, and compliance checkpoints across firewalls, IDS/IPS, anti‑malware, and data‑loss‑prevention solutions.
• Direct Real‑Time Threat Management- Oversee the configuration, tuning, and integration of SIEM, DLP, and Secure‑Web‑Gateway telemetry; design correlation rules that reduce false positives by > 30 % and trigger automated containment workflows via SOAR platforms.
• Participate in Incident Response Programs- Play a key SME role to identify and drive incident response resolutions.
• Collaborate with Security Engineering & Architecture Teams- Partner with engineers to embed vulnerability‑management findings into patch‑prioritization pipelines; advise architects on control selection that satisfies regulatory requirements (e.g., GDPR, CCPA, NIST 800‑53).
• Drive Continuous Improvement- Lead change‑management initiatives that modernize legacy security tools, introduce security orchestration (e.g., Ansible, Terraform), and enforce configuration‑as‑code standards.
• Vendor & Policy Management- Assist GRC in technology review of 3rd party and partners