Senior Security Operations Engineer - SOC
Seattle, Washington
Applications have closed
Woven Planet Holdings, Inc.
Woven by Toyota innovates and invests in new technologies, software, and business models that transform how we live, work, and move. Visit us to learn more: https://www.woven-planet.global/
TEAM
The security team at TRI-AD is on the cutting edge of many challenging security problems. We identify emerging security threats in autonomous vehicles and help design more secure systems. We work closely with internal platform teams to provide a secure development environment through tooling and automation, allowing developers to innovate quickly without compromising security.
WHO ARE WE LOOKING FOR?
We are seeking an experienced Security Operations engineer to support our Blue Team. The right candidate will have an in-depth understanding of the overall security landscape, experience tuning detection systems to spot attacker Tactics, Techniques, and Procedures (TTPs), and a proven background in designing and deploying Security Information and Event Management (SIEM) systems. They will continuously improve our detection systems' visibility by integrating new log sources and building out new use cases based on intelligence generated by our intelligence team. To stay current with the unique challenges of day-to-day alerting, the SOC engineer will also analyze events and respond to alerts, collaborating with IT, security, and business stakeholders to kick attackers out of our systems as quickly as possible. We are looking for an individual who can balance technical risks against business risks and consistently drive for the right results. They must have a passion for engineering solutions to complex security challenges and be able to recognize and fill gaps in capabilities. The ability to quickly design and build internal-facing tools that enable scaled, programmatic automation is core to our organization. The successful candidate will have a good mix of technical knowledge, a demonstrated background in information security, and an analytical mindset driven by curiosity. We value broad technical knowledge, specifically in operating system security, network security, software security, malware analysis, forensics, security operations, incident response, and emergent security intelligence.
RESPONSIBILITIES
- Continuously improve our monitoring systems’ detection and response capabilities as well as processes, procedures, and playbooks
- Respond to alerts
- Plan and execute monitoring system changes
- Automate analysis and response steps to reduce manual toil
- Help prioritize the creation of new SOC use cases to ensure optimum ROI for engineering effort
- Communicate effectively across multiple levels of sensitivity and to multiple audiences
- Recognize, adopt and instill the best practices in security engineering fields throughout the organization: development, cryptography, network security, security operations, incident response, security intelligence
MINIMUM QUALIFICATIONS
- 4+ years of demonstrated experience in security operations as a security engineer with a background in analysis
- 2+ years of scripting/coding experience with one or more languages and system administration
- Practical experience in network- and host-based digital forensics across multiple operating systems
- In-depth experience working with a variety of monitoring tools, including SIEM, endpoint security, intrusion detection/prevention, packet analysis, CASB, and SOAR
- Demonstrated knowledge in information security fundamentals (threat modeling, penetration testing, incident response, network security, physical security, etc.)
- Ability to troubleshoot technical issues combined with a drive to take ownership of problems and solve them
- Excellent written communication skills, with a focus on translating technically complex issues into simple, easy-to-understand concepts in English
PREFERRED QUALIFICATIONS
- Experience leading the deployment of a major SIEM platform (Splunk, QRadar, Sentinel, ArcSight, etc.) and/or EDR platform (CrowdStrike, Defender for Endpoint, Cylance, etc.)
- 4+ years of experience in security engineering in addition to 2+ years of experience in security analysis
- 2+ years of scripting/coding experience with one or more languages
- Experience securing cloud platforms, including AWS, GCP, and Azure
- Relevant industry certifications, a degree in cyber security or adjacent fields, or cyber security boot camps
WHAT WE OFFER
- Competitive Salary - Based on skills and experience
- Work Hours - Flexible working time with NO core hours
- Paid Holiday - 20 days per year (prorated)
- Sick Leave - 6 days per year (prorated)
- Holiday - Sat & Sun, Japanese National Holidays, and other days defined by the company
- Japanese Social Security - all applicable (Health Insurance, Pension, Workers' Comp, Unemployment Insurance, and Long-term Care Insurance)
- Employee Benefits
- In-house Training Program (software study/language study)
By submitting your application you agree to the following terms: https://www.woven-planet.global/careers/privacy-policy
OUR COMMITMENT
- We are an equal opportunity employer and value diversity.
- We pledge that any information we receive from candidates will be used ONLY for the purpose of hiring assessment.
Tags: ArcSight Automation AWS Azure Blue team Cloud Cryptography EDR Endpoint security Forensics GCP Incident response Intrusion detection Malware Monitoring Network security Pentesting Privacy QRadar Scripting Security analysis SIEM SOAR Splunk TTPs
Perks/benefits: Competitive pay Flex hours Health care Team events