Role and Responsibilities
Cloud SOC Engineer
As a Cloud SOC Engineer, you will be responsible for the cloud security detection pipeline within Samsung Ads. In addition, you will shape organization-wide security incident response best practices, resolve complex security issues, and take part in technical conversations with software developers to answer complex security questions, acting as the first line of defense.
Key Responsibilities
Build out the detection pipeline using the existing CSPM (cloud security posture management), ASM (attack surface management), DLP, SIEM and SOAR tools; tune out false positives and automate playbooks.
Maintain all installations of security-related applications, security operations playbooks, incident response plans, processes, procedures, and equipment. Drive proactive monitoring and reporting for security controls and identify opportunities to implement security automation.
Understand cloud security threats and engage in regular threat hunting.
Build out the infrastructure-as-code pipeline and develop custom and open-source security solutions.
Scale proactive security controls to new environments (e.g. acquisitions).
Work on the remediation of vulnerabilities.
Monitor and respond to security incidents; perform containment and forensic investigations.
Experience & Qualifications
Minimum 6 years' experience and a Bachelor's degree in Computer Science or a related field such as Statistics, Data Science, Technology, Engineering or Mathematics; or
Minimum 4 years' experience and a Master's degree in Computer Science or a related field such as Statistics, Data Science, Technology, Engineering or Mathematics.
Ability to work independently with self-motivation and to motivate your team members. Ability to ensure tasks are completed as specified without micromanaging.
Strong critical thinking skills and the ability to solve problems.
Deep understanding and hands-on experience in cloud security on at least one of the major cloud platforms (AWS, GCP, Azure), preferably AWS.
Experience in network security, endpoint security, vulnerability management and cloud-native security tools.
Automation proficiency in Python or a similar language, as well as experience onboarding SIEM and SOAR solutions and creating low-code/no-code playbooks (preferably in Splunk/Sumo Logic).
Experience in handling large data sets and building effective detection pipelines, applying the principle of detection as code.
Understanding of the threat landscape and the MITRE ATT&CK framework, and the ability to translate those into actionable detections while tuning out false positives.
Certifications such as GCIH, GMON, GCTD, GCPN are preferred, but not required.
The salary range for this role is expected to be between $160,000 and $185,000. Actual pay will be determined considering factors such as relevant skills and experience, and comparison to other employees in the role.