Information Security Engineer
Estimated Salary
R$ 10.800,00 - R$ 16.200,00
Job Description
Only apply if you are fluent in English (only English resumes will be reviewed).
OPERATIVE OVERVIEW
300+ media companies as clients, $40+ billion in revenue processed, 25,000+ worldwide users
Operative is a revenue accelerant for media companies around the world.
No other software company in the AdTech space brings a comparable depth of experience to create truly innovative software that performs across all platforms, revenue models and business units.
We are a SaaS (Software as a Service) platform that helps clients manage advertisements in both the linear (TV) and digital space.
We have been in the market for over two decades and have 1100+ employees with 12 offices spread across the globe.
Operative is proud to play a pivotal role in the way advertising is bought, sold and managed across the media industry.
Role Summary:
We are looking for an Information Security Engineer who will serve as the first line of defense in our security operations team.
This role involves monitoring and responding to security alerts and incidents generated from Managed Detection and Response (MDR) and Extended Detection and Response (XDR) to safeguard organizations' information and assets.
This role also involves the creation of comprehensive incident reports and contributes to the development and maintenance of incident response playbooks.
The ideal candidate is experienced with CrowdStrike Falcon (minimum 2 years) and is comfortable owning integrations, controls, and security policies end-to-end.
Responsibilities:
CrowdStrike Ownership
Own CrowdStrike Falcon operations end-to-end, including:
- Policy design, continuous fine-tuning, and enforcement
- Sensor deployment, health monitoring, and coverage validation
- Integrations with SIEM, SOAR, ticketing, and other security platforms
Design and implement automations within CrowdStrike, including:
- Automated containment and response actions
- Workflow automation for alert handling and escalation
- Reduction of alert noise through intelligent tuning and suppression
Continuously optimize detections, prevention controls, and response logic to improve signal-to-noise ratio and reduce mean time to respond (MTTR).
Threat Intelligence & IOC Management
Own Threat Intelligence operations, including:
- Tracking emerging threats and active threat actor campaigns
- Maintaining and updating Indicators of Compromise (IOCs) (hashes, IPs, domains, TTPs)
- Translating threat intelligence into CrowdStrike detections, policies, and automated responses
Proactively update detection and response logic based on changes in the threat landscape.
Security Operations & Incident Response
Monitor, analyze, and respond to security alerts and incidents generated by MDR and XDR platforms.
Lead containment, eradication, and recovery efforts during security incidents.
Perform root cause analysis and drive corrective actions to prevent recurrence.
Produce clear, executive-ready incident reports and contribute to incident response playbooks.
Alert Triage & Analysis
Assess severity and legitimacy of alerts, distinguishing false positives from real threats.
Analyze alerts using contextual data, system logs, and threat intelligence to determine impact and scope.
Identify anomalous behavior indicative of compromise or policy violations.
Vulnerability Management & Remediation Enforcement
- Open, track, and maintain vulnerability remediation tickets with Engineering and Cloud teams
- Clearly document risk, severity, and remediation expectations for each finding
- Actively enforce remediation timelines, following up with responsible teams until closure
- Validate remediation effectiveness and ensure vulnerabilities are formally closed
- Escalate overdue or high-risk findings when remediation is delayed or blocked
Collaboration, Automation & Improvement
Work closely with internal engineering, IT, and cloud teams during incidents.
Coordinate with external security vendors when required.
Participate in post-incident reviews and continuously improve detection, automation, and response maturity.
Contribute to security awareness and education initiatives, particularly for non-security audiences.
Must-Have Skills:
Minimum 2 years of hands-on experience owning CrowdStrike Falcon, including fine-tuning, automation, and response workflows.
Knowledge of TCP/IP, VPNs, firewalls, and intrusion detection/prevention systems.
Demonstrated experience building automated response actions inside CrowdStrike.
Experience working with MDR / XDR platforms in production environments.
Strong understanding of networking fundamentals and AWS services.
Understanding of common attack vectors (phishing, malware, ransomware) and how to mitigate them.
Proven ability in log analysis and IOC-driven investigations.
Experience operationalizing Threat Intelligence into detections and automated controls.
Excellent written and verbal communication skills.
Strong documentation skills for playbooks, investigations, and procedures.
Solid understanding of security frameworks and best practices.
Knowledge of cybersecurity frameworks (e.g., MITRE ATT&CK, VERIS, Cyber Kill Chain, Diamond Model, and other frameworks)
Working Conditions:
This role may require participation in an on-call rotation and the ability to respond to security incidents during non-standard hours.
Why join us?
- Operative is a technology-oriented product organization that believes in empowering its people
- We use the latest tech stack and empower our engineers to learn, work and ideate on new technologies available in the market
- We provide flexi work schedules and remote working to encourage work life balance
- We are an equal opportunities employer and recruit based on the experience and skill set.
- We offer a competitive salary and benefits package
“Operative is a merit-first, equal opportunity employer; diverse applications are encouraged.”
Operative cares about your privacy and protecting your data.
By submitting an application for a position with Operative, you acknowledge that you have read the following and consent to how Operative treats your data: the Candidate Privacy Policy and the Candidate Notice for Data Transfer and Retention.