About The Position

Lead containment, eradication, and recovery for a variety of incidents, including endpoint, cloud, and identity incidents. Serve as an escalation point for complex security events and incidents. Contribute to operational maturity through playbooks, mentoring, tabletop exercises, detections, and audits. Collaborate with cross-functional teams to improve logging visibility and response readiness. Use threat intelligence and identified TTPs to drive detection development, alert triage, and response prioritization. Provide feedback to the Detection team to improve the quality of detections, enrichment, and automated response. Plan, design, and build security architectures that maintain a strong security posture, comply with regulations, and safeguard customer data. Manage information systems security, including disaster recovery, database protection, and secure software development. Demonstrate the company's core values of respect, honesty, integrity, diversity, inclusion, and safety.

Requirements

  • Bachelor's Degree in computer science, information systems, or a related technical field
  • Experience in one or more common scripting languages (e.g., Perl, Python, Ruby, shell scripting)
  • 8+ years of experience in a related security field
  • Proven ability to design and build scalable, high volume, and low latency applications
  • Advanced knowledge of network and web protocols (e.g., TCP/IP, UDP, IPsec, HTTP, BGP and other routing protocols)

Nice To Haves

  • Master's Degree in computer science, information systems, or a related technical field
  • Knowledge of the MITRE ATT&CK Framework
  • Demonstrated experience with cloud environments such as Azure, GCP, or AWS
  • Experience with rule/alert tuning
  • Demonstrated experience with runbook development
  • Understanding of security operations tooling such as SIEM/SOAR, EDR, email security gateways, and firewalls
  • Foundational understanding of internal system functionality for Linux, Windows, and macOS

Responsibilities

  • Oversee Identity and Access management, cloud security, cryptography, logging and alerting, security operations, malware detection, incident response, vulnerability scanning, penetration testing, security architecture, and digital forensics
  • Guide the implementation of network and computer security and ensure compliance with corporate cybersecurity policies and procedures
  • Assist with the monitoring of all security systems and their corresponding or associated software, including firewalls, intrusion detection systems, cryptography systems, and anti-virus software
  • Monitor server and firewall logs, scrutinize network traffic, establish and update vulnerability scans
  • Analyze and resolve complex security breaches and vulnerability issues in a timely and accurate fashion, and conduct user activity audits where required
  • Manage and ensure the security of databases and data transferred both internally and externally
  • Oversee penetration testing of all systems to identify vulnerabilities; design, implement, and report on security system and end-user activity audits
  • Develop new and modify existing security policies and procedures to maintain compliance
  • Evaluate existing and recommend new and emerging security technologies
  • Conduct research on emerging products, services, protocols, and standards in support of security enhancement and development efforts
  • Communicate important updates with key stakeholders across the organization
  • Coach and mentor other members of the security engineering team
  • Must be able to perform the essential job functions of this position with or without reasonable accommodation
© 2024 Teal Labs, Inc