You will be at the forefront of safeguarding sensitive user data and critical systems from a constantly evolving threat landscape. This includes proactively identifying and addressing vulnerabilities, implementing industry-standard security best practices, and driving the automation of security processes to enhance efficiency and scalability. Additionally, you will participate in incident response activities, conducting thorough investigations and implementing corrective actions to minimize the impact of security breaches. Incident Response - Act as the primary point of contact for security incidents detected by the MDR solution.
- Analyze and triage alerts generated by the MDR platform, prioritizing based on severity and potential impact.
- Coordinate and manage the incident response process, working closely with the MDR provider and internal teams.
- Escalate incidents to appropriate internal teams or external parties as needed, following established procedures.
- Develop and maintain incident response playbooks specific to MDR-related incidents.
- Track and report on incident response metrics, including detection time, containment time, and resolution time.
- Collaborate with the MDR provider to optimize detection rules and improve the overall effectiveness of the solution.
Security Engineering - Conduct security assessments of our systems and infrastructure to identify vulnerabilities and risks, identify risk owners and implement mitigating controls.
- Implement and maintain security controls, including access controls, Zero trust network access (ZTNA), network segmentation, and security monitoring tools.
- Design and operate identity management, lifecycle, governance and SSO.
- Implement and operate cloud security hardening and cloud security posture management across Google cloud and AWS.
- Develop and maintain security policies and procedures, and ensure compliance with industry and regulatory standards.
- Collaborate with SRE, AppSec and Information technology around vulnerability management, endpoint hardening, detection and response.
- Participate in incident response activities, including investigating security incidents and responding to security alerts.
- Collaborate with development and DevOps teams to implement security best practices throughout the software development and infrastructure lifecycle.
- Automate security processes using scripting and other automation tools.
- Stay up-to-date with the latest security threats, vulnerabilities, and technologies.
- Collaboration with the compliance and privacy team — help ensure that our company complies with industry best practices and standards
- Process improvements — help strengthen our own internal processes and procedures.
Skills and knowledge you should possess: - 4+ years of experience in a security or operations role, preferably in a cloud-based Linux environment.
- 2+ years experience with container and container orchestration systems
- Bachelor's degree in Computer Science, Information Technology, or a related field, or equivalent work experience.
- Strong knowledge of security best practices and industry standards, such as NIST, CIS, and ISO.
- Relevant certifications such as CISSP, CCSP, GCP, or AWS Certified Security Specialty are a plus.
- Experience with security tools such as IDS/IPS, SIEM, vulnerability scanners, and endpoint protection.
- Experience with automation tools such as Terraform, Ansible, or Chef.
- Strong scripting skills using Python, shell, or other scripting languages.
- Excellent problem-solving skills and the ability to work well under pressure.
- Good communication and interpersonal skills.Confident working in and across cloud environments like AWS and GCP. Detailed knowledge of at least one cloud environment. Confident with common SDLC components, like git, Jira, Jenkins, etc ● At least an upper-intermediate level of English
Bonus points (nice skills to have, but not needed): - with common security tools and technologies, such as SIEM, EDR, and threat intelligence platforms.
|
