As a Security Operations Engineer, you will develop and maintain the tools and processes required to keep platform teams updated on the latest security issues that affect them, as well as identify and execute security improvements across our infrastructure.
In this role, you will:
- Build and continuously improve security monitoring of infrastructure and applications, including identifying appropriate event sources, consuming and parsing log data, building visualizations of events of interest, and building alerting and triage workflows.
- Identify security misconfigurations and infrastructure improvements through a combination of manual reviews and building / using vulnerability management tooling.
- Assist engineering teams with developing future services to better support monitoring and response activities, both through education and the design of frameworks and libraries.
- Assist the platform teams with designing and building infrastructure that supports rapid patching of security issues without service interruptions.
- Identify, investigate, and help resolve security incidents.
You:
- Have experience building, configuring, and operating an ELK logging stack, or a close equivalent.
- Are experienced maintaining AWS infrastructure and understand the ways in which features like Kinesis, Athena, and VPC Flow Logs can be used for security monitoring.
- Are comfortable developing software or scripts in a language of your choice for the purposes of automating and scaling common tasks.
- Are experienced administering Linux operating systems. Administration and monitoring of OS X endpoints and common network devices are a plus.
- Have 3+ years of experience.