Security Operations Engineer - Remote

Overview

As a member of security operations, you’ll play a key role in ensuring trust and security are core to day-to-day operations. This will be a hands-on position as we mature our security team, and you will be responsible for improving and automating our security operations practices.

In Short

• Creating custom SIEM queries and dashboards to support monitoring and detection.
• Develop new detection logic and tune existing sensors/security controls.
• Research cybersecurity exploits, vulnerabilities, techniques, and tactics.
• Analyze and tune logs, events, and SIEM alerts.
• Perform incident response investigation from escalated events.
• Conduct host-based analysis and malware analysis.
• Coordinate security investigations with stakeholders.
• Deploy and support tools for security telemetry collection.
• Leverage automation and APIs for security operations.
• Generate reports for technical and non-technical staff.

Requirements

• 7+ years of security operations experience.
• Experience with detection engineering and incident response in a cloud environment.
• Experience developing security automation with Python and AWS.
• In-depth knowledge of SIEM and data lakes like Snowflake.
• Experience in developing custom content within Snowflake.
• Building custom threat detection tooling and frameworks.
• AWS experience including Guard Duty and CloudTrail.
• Familiarity with attack frameworks and mitigation.
• Relevant security certifications are a plus.
• Experience building data ingestion pipelines for large unstructured data volumes.

Benefits

• Medical, dental, and vision plans.
• Flexible wellness stipend.
• Mental health benefits.
• 401(k) program.
• Education and learning stipend.
• Flexible vacation time.
• Paid parental leave.
• Company-wide recharge days.
• Work from home stipend.