IT Security Engineer

What does an IT Security Engineer do at Swire Coca - Cola?
The IT Security Engineer is responsible for monitoring, investigating, and responding to security alerts escalated from a 24/7 SOC while supporting day to day security operations and continuous improvement initiatives. This role partners closely with internal IT and security teams to maintain, operate, and enhance the organization's security posture through effective vulnerability management, security tooling administration, and incident response. The ideal candidate combines strong technical security fundamentals with operational discipline, a proactive mindset, and the ability to balance reactive response work with long term security improvements.

Responsibilities

• Investigate, validate, and respond to security alerts and incidents escalated from the 24/7 SOC
• Perform event triage, root cause analysis, and containment actions in collaboration with internal teams
• Document incidents, investigations, and response actions in accordance with established procedures
• Assist in incident response exercises, post incident reviews, and lessons learned activities
• Execute day to day vulnerability management activities
• Partner with infrastructure and application teams to drive timely remediation
• Assist with the operation, maintenance, and optimization of security servers, platforms, and services
• Support and manage security tools such as: Endpoint protection platforms (AV / EDR / XDR) and Vulnerability scanning solutions
• Help tune detections, alerts, and operational policies to improve signal quality and reduce false positives
• Participate in security improvement initiatives aligned with business and risk priorities
• Contribute to the development and enhancement of SOC processes, playbooks, and runbooks
• Identify opportunities to automate repetitive tasks and improve operational efficiency
• Support audits, assessments, and regulatory activities by: Producing operational evidence and assisting with remediation and response efforts
• Ensure security operations align with internal policies and external compliance requirements
• Stay current on emerging threats, vulnerabilities, and industry best practices
• Apply threat intelligence and relevant insights to improve detection and response capabilities

Requirements

• Bachelor's Degree Computer science, engineering, cybersecurity, or other related field preferred
• 3+ years of progressive experience in cybersecurity operations or a technical role required
• CompTIA Security+, CySA+, or SecurityX or similar certification required
• GIAC certifications such as GCIH, GCED, GCIA preferred
• Hands on experience supporting a vulnerability management program required
• Experience working with endpoint security platforms (AV, EDR, XDR) required
• Understanding of common attack techniques, threat actors, and incident response methodology required
• Experience with SIEM platforms and alert triage workflows preferred
• Experience supporting enterprise environments (on prem and cloud) preferred
• Prior experience working in or alongside a 24/7 SOC environment preferred
• Ability to clearly document findings, actions, and recommendations
• Familiarity with ticketing systems and ITSM processes