ThreatConnect, Inc. provides cybersecurity software that reduces complexity for everyone, makes decision-making easy by turning intelligence into action, and integrates processes and technologies to continually strengthen defenses and drive down risk. Designed by analysts but built for the entire team (security leadership, risk, security operations, threat intelligence, and incident response), ThreatConnect’s decision and operational support platform is the only solution available today with cyber risk quantification, intelligence, automation, analytics, and workflows in one. To learn more, please visit www.threatconnect.com.
We offer a competitive benefits package with comprehensive insurance coverage, unlimited paid time off, and unique perks designed to help you meet your financial and personal goals.
We are committed to offering an employment experience and benefits package that enables you and your family to grow with us and to share in our success. We love to recognize our employees who have gone above and beyond, and offer incentives like quarterly awards, an employee bonus, and referral program, and team-building outings.
The Senior Security Operations Engineer serves as a defensive security expert for the ThreatConnect AWS SaaS infrastructures.
In this role you'll get to...
- Drive security architecture, incident response, and vulnerability management
- Monitor network traffic and event logs for suspicious activities using SIEM
- Bring to the table knowledge of AWS and Linux security, EC2, Container, and application vulnerability management
- Secure, manage, and monitor SecOps security systems and tools
- Investigate network traffic and logs of interest
- Perform vulnerability scans of EC2 instances, Docker images
- Analyze the detected vulnerabilities for severity and provide remediation steps
- Manage access to various critical systems
- Coordinate external penetration testing on ThreatConnect SaaS applications
- Participate in change management and perform security impact analysis for production system configuration changes
- Participate in internal and external compliance audits such as ISO 27001 and SOC 2
- Respond to and perform cyber forensic investigations for security incidents which may require working outside of the normal office hours
About YouYou are collaborative.
You're a team player who puts the interest of the team above your own. You display a positive attitude, are open-minded, and enjoy contributing.
You are a great communicator. You get your message across clearly to all the necessary teams and individuals within your team.You are a quick learner. You love to build new skills and learn new subject matters. You relish the idea of applying your skills to other facets of your life outside of work.
1-3-6-12 Month Plan
In the first month we’ll expect you to…
- Perform SIEM monitoring using SIEM to detect unauthorized activities
- Be able to perform OS vulnerability scans
- Be able to review OS, software, and code vulnerabilities and help determine their contextual severity and remediation paths
At 3 months we’ll expect you to…
- Be able to provide inputs on AWS security architecture and configurations of the SaaS networks based on industry standards and best practices
- Draw from your previous experience and recommend security operations tools to support day-to-day operations
At 6 months we’ll expect you to...
- Be able to confidently communicate information security practices and standards based on industry best practices
- Develop operating procedures such as incident response, disaster recovery, and vulnerability management procedures
- Participate in 24x7 on-call rotation for security-related events
At 12 months we’ll expect you to...
- Become a key Senior Security Operations Engineer accountable for the day-to-day information security functions
- Interface with internal and external auditors for compliance audits
- Partner with the Manager of InfoSec and Compliance in the InfoSec program strategic planning and development of short- and long-term goals
About the Team
- This role reports to the Manager of InfoSec and Compliance
- You will be a part of the SecOps team that is currently being built
- You will be working with the other IT and DevOps engineers
- Most of the team works remotely and collaborates heavily using Slack and Google Meet working sessions
- 4+ years of experience in AWS network engineering
- 4+ years of experience in vulnerability management with tools such as Rapid7 or Nessus, NVD CVE, OWASP
- 4+ years of experience in SIEM monitoring with tools such as ELK, Splunk, or Graylog
- Bachelor’s degree in Computer Science/Cyber Security or a related field
- Solid understanding of AWS network architecture - specifically EC2, GuardDuty, S3, VPCs, security groups, backup services, and databases (RDS, SQL, SAP HANA, Postgres)
- Solid understanding of Linux, Linux CLE, shell, and SQL scripts
- Strong understanding of encryption, secure communication, authentication, network traffic analysis, and OS hardening
- Working understanding of configuration management tools such as Ansible, Terraform, Chef, Puppet, Docker containers
- Strong communication (documentation and presentation) and analytical skills are required
- Previous SaaS security experience
- Working understanding of CI/CD processes and software developed using Python and Java
- Some certifications such as AWS Security, ethical hacking/OSCP, CISSP
- Unlimited Paid Time Off (PTO)
- Employee recognition program with quarterly awards
- Employee referral program
- Military leave options available
- Education reimbursement program for job-related college courses and professional training
- Quarterly events with your geographic team
- Annual company party
- MEDICAL PREMIUMS FOR INDIVIDUALS AND FAMILIES ARE 100% COVERED
- Prescription drug coverage
- Dental coverage
- Vision coverage
- Company-paid short-term and long-term disability
- Company-paid insurance and AD&D coverage
- Pet Insurance
- 401K retirement savings plan with company matching program up to 6%
- Health Savings Account
- Flexible Spending Accounts (medical, dependent care, transit and parking)
- Cell phone stipend
- Paid Parental Leave
- Paid Bereavement Leave
Research shows that while men apply to jobs when they meet about 60% of job criteria, women and individuals from marginalized groups tend to apply only when they check every box. If you think you have what it takes but you’re not sure that you check every box, apply anyway!