Security Operations Lead - Remote

Overview

Onit, Inc. is looking for a Security Operations Lead to join our team to help secure our Enterprise SaaS applications and corporate infrastructure. To be successful in this role, you should have great people and technical skills and a passion for technology. The individual we look for is bright, creative and a problem solver. You must be able to multi-task in a fast-paced environment and be a self-starter with the ability to work independently.

In Short

• Lead the Security Operations team, providing SecOps support during US Central Time business hours.
• Manage and conduct vulnerability testing, penetration testing, and client security audits.
• Implement and manage cloud-native security tools and third-party solutions for threat detection and incident response.
• Define, maintain, and execute the Incident Response plan, investigating and resolving incident escalations.
• Perform regular risk assessments and vulnerability scans of cloud infrastructure, ensuring timely remediation.
• Collaborate with Dev, DevOps, and Infra teams to remediate identified vulnerabilities, discuss security best practices, and assist with security incident response.
• Analyze EDR alerts and logs to identify potential security incidents, taking appropriate action.
• Continuously evaluate and implement security tools and practices to enhance the security posture of the Onit environment.
• Develop and tune detection rules, alerts, and reports within SIEM tools to enhance threat visibility and response.
• Assist with the development and updates of Security Policies for SOC2 and ISO27001 compliance.

Requirements

• Minimum of 5 years of experience in information security, with at least 2 years focused on cloud security.
• Proficient in AWS with a strong understanding of AWS networking/VPC, IAM, Security Groups, EC2, RDS, S3, and containers (EKS/ECS).
• Knowledge of various AWS Native Security tools, security frameworks, and CSPM tools.
• Experience in security tools such as vulnerability scanners, IDS/IPS, firewalls, and endpoint security monitoring.
• Experience with threat detection and threat intelligence.
• Experience securing large-scale SaaS-based enterprise applications.
• Familiarity with security frameworks such as NIST and ISO 27001.
• Strong communication, problem-solving, and collaboration skills.

Benefits

• Experience in leading and mentoring a team, fostering a security-first culture.
• Certifications such as CCSP, AWS Security, OSCP, or equivalent are preferred.
• Experience with Cloudflare and/or AWS WAF configurations.
• Experience with AWS Guard Duty and CrowdStrike.