Senior Security Operations Engineer

Job Description

Job Title: Senior Security Operations Engineer

• This is a contract position but could have the possibility to go full-time at some point
• Location – needs to be within a one-hour drive of Palo Alto, CA.  This person will be primarily remote for now, however, once Covid is over they will need to report to the office occasionally.

Job Description

You will be working with the company’s fast-growing security team to better meet the needs of our customers in the global healthcare sector.  As a
Contract Senior Security Operations Engineer, you will have the opportunity to work closely with our DevOps, hardware, software, AI, and cloud engineering teams to secure our product and our cloud security architecture. As we scale our business internationally and into large enterprises, security has never been more important to our company and those patients we help every day.

As part of our team, your core responsibilities will be:

• Assess, triage, and prioritize security alerts from logging and monitoring systems
• Conduct vulnerability assessment, determine deviations from acceptable configurations, and assess the level of risk; recommend appropriate mitigation countermeasures
• Work in collaboration with SRE, IT, cloud operations, and engineering teams to secure our AWS environment; define a unified incident response process, complete with performance metrics and post mortems
• Oversee security assessments, including penetration tests of the production environment
• Design, implement, configure, and support security and IT solutions and tools (e.g., SIEM, IDPS, IAM, MDM)
• Keep abreast of tools, techniques, and process improvements in support of security detection and analysis in accordance with current and emerging threat and attack vectors.
• Assist in digital forensic activities including collect, process, preserve, analyze, and present  evidence in support of vulnerability mitigation, and investigations
• Perform cyber defense analysis by using data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, Cloud Trails) to analyze events for the purposes of mitigating threats.
• Help develop an Incident Response program
• Develop playbooks, work instructions, and automation solutions.
• May require work nights, weekends, or holidays on a rotational basis with the rest of the team to ensure 24×7 coverage.
• Supports our CISO in additional security projects, as needed

Qualifications

Baseline skills/experiences/attributes:

• BS degree in related field or equivalent experience. MS degree in a related field or equivalent experience is a plus
• Minimum 5+ years of cybersecurity experience, 2 of which include being in a SOC/CSIRT environment
• Experience investigating cybersecurity events and incidents using a full suite of alerting and response tools, digital forensic or malware analysis tools
• Experience with one major SIEM system; Splunk is a plus
• Hands-on experience working with AWS services and tools such as IAM, CloudTrail, CloudWatch, SecurityHub, GuardDuty, Inspector, Shield, WAF, KMS, Secrets Manager, Lambda, CloudWatch, PagerDuty
• Demonstrable knowledge of Information Security attack methods and techniques
• Experience creating and maintaining threat models
• Strong understanding of networking basics, including firewall, IDPS, and segmentation
• Familiar with serverless compute such as AWS Lambda and container implementations with EKS, Kubernetes, etc.
• CISSP, OSCP, GIAC, and or AWS Certified Security Specialty a plus
• Perform a broad variety of tasks in support of the role and responsibilities

Ideally, you also have these skills/experiences/attributes (but it’s ok if you don’t!):

• Familiarity with DevSecOps, CI/CD, AppSec, and agile methodology
• Google Cloud Platform security experience
• Experience working in a high-growth scaling environment

You Deeply Identify with Core Company Values:

• Efficient & Speedy – you get work done in a fraction of the time as industry peers
• Intellectually Curious – you are thoughtful & inquisitive; people enjoy working with you because they learn from you
• Mission-Driven & Committed – you are passionate about the company’s purpose and are immensely productive
• Team Oriented – you celebrate and take joy in the success of others on the team