Tanium

Sr. Cloud Cybersecurity Engineer

Tanium$120K — $355K *
Bellevue, WA 98006Hybrid
Information Technology
5 - 7 years of experience
Today
Be an Early Applicant
Job Overview by Ladders

Qualifications

  • Bachelor's degree or equivalent experience; Cloud Security or IT Security preferred
  • 5-7 years in cloud security event prevention and response for public cloud systems
  • 3+ years in Kubernetes environment security for sensitive container workloads
  • Experience with detection and response methodologies in cybersecurity
  • Proficient in SQL, KQL, or SPL for security data analysis
  • Understanding of modern attacker tactics against cloud infrastructures
  • Experience in security event management in regulated environments

Responsibilities

  • Build and operate detection and response engineering in Azure, AWS, and Kubernetes
  • Enhance cloud and Kubernetes security measures and implement ongoing security programs
  • Characterize unauthorized activity in cloud and container systems through automation
  • Develop tailored detection policies and enhance security information practices
  • Integrate the latest security threats to improve detection measures
  • Collaborate with engineering and IT to create adaptable security solutions
  • Maintain positive relationships with internal customers

Benefits

  • Opportunity to work with cutting-edge cloud security technologies
  • Collaboration with a diverse and skilled engineering team
  • Engagement in proactive cybersecurity measures and threat hunting
  • Chance to influence cloud security strategies and policies
  • On-call responsibilities provide exposure to real-time incident response
Full Job Description
The Basics:

The Senior Cloud Cybersecurity (CCS) Detection and Response Engineer will collaborate with Detection, Security, and Software Engineers to proactively defend Tanium Cloud's services. You will be an integral part of the Tanium Cloud security engineering processes, responsible for the design, implementation, and operation of preventative, detective, and responsive controls to identify, assess, and counter risks and threats before impacting Tanium Cloud.

What you'll do:
  • Build and operate Tanium Cloud's detection and response engineering in Azure, AWS, and Kubernetes for detections, analysis, and responses as automation as code using DevOps methodologies
  • Continuously evaluate and enhance the design and effectiveness of Cloud and Kubernetes security measures and establish an ongoing program to advance security and close gaps in our defensive posture.
  • Proactively characterize unauthorized activity and malicious behaviors in our cloud and container infrastructure and systems through code, testing, and automation
  • Develop tailored detection policies, perform testing, and implement automation to observe, evaluate, enhance, and review security information using SecDataOps and best practices.
  • Proactively integrate the latest security threats, vulnerabilities, and industry trends to enhance security detection measures and generate intelligence driven hunts.
  • Work together with the engineering, IT, and other security groups to create solutions that are expandable and adaptable to protect Tanium Cloud against threats ranging from low-level actors to national cyber-threat agents.
  • Build, cultivate, and maintain positive relationships with internal customers to identify and facilitate solutions to increase the impact of the team's work
  • Be on periodic on-call for triage of critical events from detections and systems

We're looking for someone with:

Education:
  • Bachelor's degree or equivalent experience
  • Cloud Security, IT Security, or related technical field preferred

Locality
  • U.S. Candidates: In accordance with United States government customer requirements, applicants for this role must be a U.S. citizen, national, or resident pursuant to 8 U.S.C. 1101(a)(20) and 8 U.S.C. 1324b(a)(3)

OR
  • Canadian Candidates: In accordance with Canadian government customer requirements, applicants for this role must undergo personnel security screening and maintain Protected B reliability status

Cloud Detection Engineering Experience
  • 5-7 years of experience in cloud security event prevention, detection, response for public cloud systems (e.g. AWS, Azure) within a DevOps environment
  • 3+ years of hands-on experience in Kubernetes environment, logging, and runtime security for sensitive container workloads, preferably on AKS and EKS
  • Experience in detection and response engineering methodologies, such as building detection cases, proactively identify known and unknown cyber threats, advisory behaviors
  • Experience in using security query or analytic tools for security data analysis, such as SQL, KQL, or SPL
  • Build and improve security playbooks and runbooks for automating security detection and response
  • Solid understanding of modern attacker tactics, techniques, and procedures (TTPs) against Kubernetes, Container, Serverless, Linux host, and Cloud services (e.g. MITRE ATT&CK, building threat intelligence, etc.)
  • Experience with security events and incident management in highly regulated hosting environments (such as ISO 27001, NIST SP 800-161r3, FedRAMP, Protected B)

Engineering Experience
  • Utilize robust analytical and problem-solving capabilities to confirm our hypotheses using precise data and in-depth root cause investigation.
  • Experience using high-level programming languages (Go, Python) to produce detection-as-code, tools, and automations
  • Experience managing cloud infrastructure as infrastructure-as-code (e.g. Terraform, CloudFormation, ARM, Pulumi)
  • Deliver high quality PRs daily using modern software engineering development and automation tools like Git and CI/CD pipelines (i.e. Jenkins, GitHub Actions)

Other
  • Deliver quality and velocity of contributions using DevOps principles
  • Relentless desire to automate the mundane to focus on solving the harder problems
  • Experienced engineer who can put out fires under pressure when things go wrong in production environments and address the root causes of those fires for the future

About Tanium

Tanium is an American cybersecurity and systems management company. The company provides security and IT operations solutions for enterprises and government organizations. Tanium's platform provides real-time visibility and control over endpoints, including laptops, servers, virtual machines, containers, and cloud infrastructure. The company's products are used by organizations in a variety of industries, including finance, healthcare, retail, and government. Tanium was founded in 2007 by Orion Hindawi and his father David Hindawi. The company is headquartered in Santa Clara, California.
Learn more about Tanium
Size
1,500 employees
Industry
Information Technology
Founded
2007
* Ladders Estimates

Similar Jobs

Ad banner background

Get Ready For Your
Next Interview

More Jobs at Tanium

More Information Technology Jobs

Find similar Sr. Cloud Cybersecurity Engineer jobs:

NationwideBellevue, WA