Overview:
Lead Security Engineer
Let’s face it. Technology moves fast. In order to secure that technology, you need to be just as fast. Being agile in security today requires a combination of development, system engineering, and investigative skills.
That’s where you come in! You are passionate about security. You are at home with incident investigation analysis, but not afraid to dive into the engineering side of things to create or optimize solutions to make incident response easier. You are familiar with Cyber Threat Intelligence (CTI) and threat hunting, and their roles in incident response, monitoring, and detection. Finally, you look to be a technical leader and mentor to other security engineers.
This position at Cvent is a technical, hands-on role that involves investigating and responding to information security incidents, with a focus on intelligence driven incident response. The role will also include supporting engineering efforts that facilitate incident handling. This may include work in SIEMs, SOAR platforms, EDR solutions, and Threat Intelligence Platforms (TIPs). A prime focus of the work will be on efficient Incident Response in dynamic cloud environments. You should also be able to adapt quickly and find creative ways to implement solutions in a fast-paced and high-profile technology landscape. You will work with the latest security tools, systems, and network technologies. A thirst for knowledge, a firm team-based mindset, a curious mind, and the desire to continuously stay abreast of new developments in the dynamic security space is a must.
In This Role, You Will::
- Conduct and manage security incident investigations for both corporate and product environments
-
Perform and lead Tier 2 and 3 responsibilities in support of Security Operations and Incident Response
- Mentor junior personnel in incident handling and investigations
-
Help keep incident response plans, runbooks, and other business processes current
-
Coordinate incident management functions between the Security Engineering and Operations Team, Technology resource stakeholders, and other internal support organizations (i.e. SRE, Legal, Networking), ensuring security is appropriately leading security incident handling
-
Assist with optimizing and auditing threat detection capabilities and SIEM content development in support of incident detection and investigation capabilities
-
Identify and plan automated incident response solutions in SOAR platforms or via other AWS native solutions
-
Work with other Security and Technology personnel to ensure that Threat Intelligence is well integrated into the Incident Response process
-
Track and report on security incident investigations
-
Assist with the management and operations of incident response supporting platforms as needed
-
Stay abreast of emerging technologies related to Cloud Security
-
Engage in proactive Threat Hunting activities
-
Contribute strategically to the technological direction of the team and its programs
Here's What You Need::
- 8+ years of experience in security engineering, security operations, or security incident response
-
Bachelor’s Degree in Computer Science or related degree
-
Solid familiarity with scripting in support of digital forensics and incident response, including the integration of various security tools
-
Familiarity with incorporating cyber threat intelligence into incident response
-
Experience investigating security incidents in AWS Cloud
-
Some experience with the AWS platform and services such as Config, Security Hub, Lambda, CloudWatch, CloudTrail, S3, WAF, Guard Duty, Shield
-
Ability to adapt to a hyper-growth pace and changing priorities
-
Excellent problem solving and analytical skills; outstanding oral and written communication skills
-
Familiarity with common classes of security tools: SIEM, DLP, WAF, NGAV, and Vulnerability Scanners
-
Self-motivation and the ability to work under minimal supervision
Preferred Qualifications:
-
Knowledge of high traffic and other cloud-based infrastructures and how they affect security needs (i.e. cloud infrastructure, AWS, Serverless SOA architectures) would be a plus
-
Proficiency in Python or Java languages
-
Proficiency with leading digital forensic tools, such as Magnet, Autopsy/the Sleuth Kit, volatility
LinkedIn Remote Type: #LI-Hybrid Indeed Remote Type: WFH Flexible