Job Type
Full Time
Job Details
Staff Security Operations Engineer
As a Staff Security Operations Engineer at Workiva, you'll play a pivotal role in safeguarding our systems and data. Our Security Operations team is responsible for continuously monitoring, detecting, and responding to security incidents across our infrastructure. You'll collaborate closely with stakeholders to investigate and validate incidents, ensuring a swift and effective response to any potential threats. Additionally, you'll work autonomously to enhance existing security practices and mitigate risks across various hosting environments. With a focus on mentorship and leadership, you'll take the lead in implementing new security measures, conducting incident response exercises, and contributing to the overall security posture of the organization.
What You’ll Do
- Develop and implement Security Operations Center (SOC) procedures and protocols to ensure clear remedial action plans and situational awareness, while also training and educating SOC & Infosec members, internal stakeholders, and external business partners on SOC management and procedures
- Coordinate incidents in areas including, but not limited to, ransomware, host compromise, credential and account compromise, phishing, internal threats, third parties, and data leakage, working closely with information security leadership and business stakeholders as part of a team of responders
- Participate in incident response tabletop exercises to identify gaps, enhance skills, and engage with stakeholders, while also reviewing technical reports from vulnerability and penetration testing assessments to identify exposure to future incidents
- Refine, recommend and maintain playbooks, policies, procedures and guidelines, and align with industry best practices
- Use and develop metrics to capture and focus improvement efforts and gap coverage utilizing existing systems and data to improve security for our platform
- Ensure security controls implemented are effective and maintained in a fashion that supports our performance, scalability and stability
- Independently address technical and business risks across various hosting environments
- Prioritize areas for improvement and provide recommendations for remediation of identified issues
- Handle novel incident response efforts and act as a lead/mentor for other team members
- Conduct technical and analytical assessments and communicate effectively with technical and non-technical colleagues
- Rely on factual and data-driven assessments rather than leading with fear or assumptions
- Bachelor's degree in Computer Science, Information Technology, or a related field, or equivalent job experience.
- 8+ years of experience working within a Security Operations Center or related field
- Experience with Amazon, Azure, and/or Google Cloud Environment
- Experience with the querying and use of the Splunk SIEM
- Strong working knowledge of Linux OS and macOS (required) and Windows (preferred)
- Experience working with SIEM tools and/or SOAR tools along with the building of playbooks and procedures
- Experience in IR management, forensics, and hands-on technology within security principles
- Specialization in at least one of the core areas of a SOC: Digital or Network Forensics, Incident Response, Malware Analysis, Threat Intelligence, Vulnerability Management, and/or another security-focused area
- Experience in leading or mentoring other employees
- Interest in or experience with systems languages (Python, Java, Go)
- A combination of technical expertise and business acumen applied to security administration, incident response, and security operations center (SOC) roles
- Excellent verbal, written, and interpersonal communication skills
- Self-motivated with a strong propensity for action, results and continuous improvement
- The ability to work successfully in a high-energy, fast-paced, rapidly changing environment is necessary
- Exceptional organizational and critical thinking skills with the ability to multitask and manage multiple processes, programs, and procedures simultaneously while working under pressure to meet deadlines
- Must be able to travel up to 10% annually
- Reliable internet access for any period of time working remotely, not in a Workiva office
About the Company
Workiva
Ames, IA, United States
We founded Workiva to transform the way people manage and report business data with various collaborators, data sources, documents, and...