Senior Security Operations Engineer - remote

ThreatConnect, Inc.
Posted 4 years ago
Stack Overflow

Company background

Designed by analysts but built for the entire team (security operations, threat intelligence, incident response and security leadership), ThreatConnect’s intelligence-driven security operations platform is the only solution available today with intelligence, automation, analytics, and workflows in a single platform. Centralize your intelligence, establish process consistency, scale operations, and measure your effectiveness in one place. To learn more about our threat intelligence platform (TIP) or security orchestration, automation, and response (SOAR) solutions, visit ThreatConnect.com.

Job Description

The Senior Security Operations Engineer implements and operates data security functions for various ThreatConnect information systems in support of the ThreatConnect InfoSec and compliance programs.

Role Specifics

In this role you'll get ...

  • To assist in the development of systems and processes to support ThreatConnect information security and compliance programs such as ISO 27001 and SOC 2
  • To hunt for and investigate events of interest using log aggregation and correlation
  • To create, implement, and maintain system baseline configurations
  • To participate in change management and perform security impact analysis for production system configuration changes
  • To architect and assist in the implementation of security architecture of various ThreatConnect systems
  • To perform security vulnerability and compliance scans of websites, operating systems, and databases, and to track and report findings
  • To coordinate with the various ThreatConnect teams to address vulnerabilities in a timely manner
  • To perform penetration testing on ThreatConnect SaaS and various other web applications
  • To respond to and perform cyber forensic investigations for security incidents
  • To participate in internal and external compliance audits such as ISO 27001, SOC 2, and FedRAMP

1-3-6-12 Month Plan

On day one we’ll expect you to…

  • Familiarize yourself with the ThreatConnect InfoSec program and compliance requirements
  • Familiarize yourself with various ThreatConnect system designs and their security architectures
  • Analyze current gaps in the technical and operational controls

At 3 months we’ll expect you to…

  • Design and implement technologies and operational controls in support of the ThreatConnect InfoSec program
  • Document system security plans for ThreatConnect systems including security architectures and control implementation

At 6 months we’ll expect you to…

  • Begin continuous security and compliance monitoring, including vulnerability management, event monitoring, and penetration testing
  • Participate in a 24x7 on-call rotation for security-related events

At 12 months we’ll expect you to…

  • Become a key Senior Security Operations Engineer accountable for the day-to-day information security functions
  • Interface with internal and external auditors for compliance audits
  • Partner with the Sr. Director of Security in InfoSec program strategic planning and the development of short- and long-term goals

Qualifications:

  • Bachelor’s degree in Computer Science/Cyber Security or related field
  • 6+ years’ experience in information security engineering and security monitoring
  • A solid understanding of the security architecture of environments comprising AWS (S3, EC2, database services, VPCs, security groups, backup services, CloudWatch, CloudTrail, GuardDuty, etc.), Linux, Windows server and user OS, databases (RDS, SQL, SAP HANA, Postgres), Elasticsearch, and macOS
  • Strong understanding of security systems such as malware protection, firewalls (AWS WAF, Palo Alto), IDS/IPS, DLP, and load balancers
  • Strong understanding of encryption, secure communication, authentication, secure DNS, and network traffic analysis
  • Strong understanding of configuration management tools such as Ansible, SCCM, and GPOs
  • Expert-level understanding of SIEM tools such as Splunk or Graylog
  • Expert-level understanding of the configuration and operation of vulnerability scanning and penetration testing tools such as Nessus, Burp Suite, and Qualys
  • An excellent understanding of automated and manual penetration testing using OWASP methodologies and emerging techniques
  • Solid understanding of at least one of the compliance/RMF programs such as ISO 27001, SOC 2, NIST, or FedRAMP
  • Strong communication (documentation and presentation) and analytical skills are required

Added bonuses you have...

  • Experience setting up brand-new event monitoring and vulnerability scanning systems
  • Some formal project management experience or familiarity with it
  • Certifications such as AWS Security and CISSP

Work-Life Balance:

  • 10 Paid Federal Holidays
  • Accrued Paid Time Off (PTO) for vacation/sick time
  • Your birthday off
  • Employee recognition program with quarterly awards
  • Employee referral program
  • Military leave options available
  • Education reimbursement program for job-related college courses and professional training
  • Quarterly events with your geographic team
  • Annual company party

Medical:

  • Medical premiums for individuals and families are 100% covered
  • Prescription drug coverage
  • Dental coverage
  • Vision coverage
  • Company-paid short-term and long-term disability
  • Company-paid insurance and AD&D coverage
  • Pet Insurance

Financial:

  • 401(k) retirement savings plan with company matching program up to 6%
  • Health Savings Account
  • Flexible Spending Accounts (medical, dependent care, transit and parking)
  • Cell phone stipend
  • Paid Parental Leave
  • Paid Bereavement Leave