Our client is a world-renowned US startup in the field of automation. This California unicorn is still a private enterprise experiencing hypergrowth. They are looking for an exceptional Senior Security Engineer to join their team as they build their defensive security capabilities. This is a full-time, permanent role. Hybrid or Remote.
Requirements
* At least 5 years of multifaceted defensive and offensive security experience in an enterprise SaaS-based company.
* Strong technical knowledge and deep experience in security logging and monitoring, vulnerability assessment, risk-based analysis, and vulnerability mitigation.
* A skilled security expert who can implement tools and processes to incorporate threat intelligence from the ground up and automate threat-hunting.
* Operational experience with AWS security solutions (e.g., Inspector, GuardDuty, Detective, Security Hub, Advanced Shield).
* Hands-on experience designing and deploying security controls across all security domains, such as access management, data protection, vulnerability management, incident response and management, application security, network security, and offensive security solutions.
* Capable of leveraging programming and/or scripting languages (Python, Go, Ruby) to solve practical security challenges.
* Strong understanding of encryption technologies (e.g., TLS, HMAC, RSA, AES, PKI).
* Experience conducting or managing incident response and investigating targeted threats.
* Knowledge of common penetration testing techniques, application security vulnerabilities, OWASP Top 10, SANS 25, CWE, etc.
* Bachelor’s or Master’s degree in computer science or equivalent experience.
* Information security professional certifications (e.g., CISSP, CISA, GSEC) are a plus.
* Ability to work autonomously in a fast-paced, cross-functional environment and comfortable with ambiguity.
Responsibilities
* Develop and enhance our defensive security capabilities, identifying advanced threats and implementing countermeasures.
* Respond to incidents and conduct investigations by analyzing logs and other sources (e.g., AWS GuardDuty, Security Hub, Detective).
* Engineer and automate custom detection and response capabilities to combat malicious behaviors.
* Stay updated with Tactics, Techniques, and Procedures (TTPs) and define mitigation techniques to improve our risk posture.
* Build and support security frameworks, tools, and processes across our SDLC and runtime environments.
* Conduct vulnerability assessments and security audits of assets.
* Improve incident detection processes and execute countermeasures.
* Create and maintain run books for security incidents.
* Manage security configurations for threat management platforms, including SOAR and SIEM tools.
* Guide security architecture for threat detection and response systems.
* Assist during security audits to demonstrate our technical security capabilities.
* Collaborate with product management and development teams to enhance security programs.
* Participate in Security Operations on-call rotations, leading incident response efforts and documentation.