American Technology Services

• Ability to work individually and in team environments both internally and with clients to formalize client systems and project implementation and migration plans. • Provide proactive maintenance of systems, technical support, and guidance of client network and systems. • Ability to work as part of a team to solve problems. • Manages system back-up and recovery solutions. • Perform troubleshooting analysis of desktop applications, servers, and network components. • Monitors system performance and implement tuning as needed. • Participates in developing and maintaining technical documentation associated with customer systems. • Follow department procedures for successful incident management. • Proactively monitor overall health of network and server infrastructure, which includes, but is not limited to, backups, patching, threat management software, and overall health of server systems and network devices. • Participate in on-call rotation as required.

About American Technology Services LLC American Technology Services (ATS) started in 1994 with the same mission as today, providing high-quality managed IT services, network support, and cybersecurity services to firms where quality matters most – the organizations that rely heavily on information technology and high levels of services. Over the years, ATS has built client trust that has lasted for years and years. As time goes forward, our consultative approach resonates well, and our “corporate knowledge” about our clients’ IT operations helps our clients perform at a higher level. About the role At ATS, you’ll join a dedicated team focused on Incident Detection & Response, working to protect the people, processes, and technology of our organization. We are seeking an experienced and adaptable Security Operations Engineer to join our Cybersecurity team. This role reports to the Cybersecurity Manager and will play a critical part in responding to cybersecurity incidents across the enterprise. What you'll do Serve as a primary responder to security incidents, including the monitoring, triaging, and investigation of security alerts in a timely manner. Collaborate with cross‑functional teams to document, enhance, and coordinate Incident Response processes. Maintain and organize Cybersecurity documentation, including the creation and upkeep of incident response playbooks. Participate in and/or lead incident post‑mortems, distilling lessons learned into actionable recommendations and comprehensive written reports. Analyze logs and EDR telemetry across a variety of systems, including medical devices, cloud applications, workstations, and data exchange platforms. Conduct investigations across Windows, Linux, iOS, and cloud platforms using SIEM tools and manual log analysis. Participate in a global on‑call rotation. Identify opportunities for automation and for improving detection capabilities. Perform proactive threat hunting to identify emerging tactics, techniques, and procedures (TTPs). Assess and respond to new and evolving threats using threat intelligence to evaluate likelihood and organizational impact. Assist in forensic acquisition, malware analysis, and network analysis. Qualifications Proven ability to translate abstract requirements into clear, actionable steps. Excellent written and verbal communication skills, including the ability to convey technical concepts to non‑technical audiences. Strong work ethic with exceptional attention to detail and organizational skills. Ability to prioritize and multitask effectively in a fast‑paced environment. Capable of working both independently and collaboratively within a team. Conceptual understanding of software development methodologies. Experience with application security, SaaS, or cloud security is a plus. Experience with programming or scripting languages is a plus. Familiarity with cloud environments (e.g., AWS, Azure) and automation frameworks.