Senior Cloud Security Engineer, TDIR

Remote, US

Applications have closed

The Basics:

The Senior Cloud Security Engineer, Threat Detection and Incident Response (TDIR) will work closely with Software Engineers, Security Engineers, Compliance, and Legal teams to support threat detection and response engineering for Tanium’s cloud services in Azure Commercial Cloud and Amazon Web Services. You will be an integral part of Tanium's cloud engineering process in helping us to design and implement secure systems while providing feedback for Tanium’s services for TDIR. You will be responding to threats, building advanced and novel detection mechanisms, performing investigations for sophisticated and previously unknown malware, and developing systems to automate detection and remediation for protecting Tanium’s cloud services.

A successful candidate will have experience building and operating as a cloud security engineer in a DevOps environment, establishing and maturing investigation and response efforts, and will serve as the primary expert for Azure Commercial Cloud, drawing upon automation and cross-functional partnerships to create scalable and resilient operational capabilities.

What you’ll do:

  • Align with the organization’s vision and strategy while collaborating with our teams and stakeholders to develop and deliver specific, multi-year roadmaps, programs, and projects
  • Ensure prioritization, resourcing, and timely delivery of this work within a changing business environment
  • Collaborate with software, production, and other security engineering teams to develop scalable and flexible solutions against threats ranging from low-level actors to nation-state actors
  • Proactively identify risks and malicious activity in our cloud infrastructure and systems
  • Analyze systems, logs, packets, and alerts for signs of malicious activity
  • Create custom signatures and tools to analyze and detect malicious activity
  • Build automation for response and remediation of malicious activity
  • Drive implementation of countermeasures, mitigations, and containment
  • Build, cultivate, and maintain positive relationships with internal customers to identify and facilitate solutions to increase the impact of the team's work
  • Provide feedback into Tanium cloud services to improve TDIR capabilities for customers from real-world experiences.

We’re looking for someone with:

  • Education
    • Bachelor's Degree in Computer Science, IT, or another relevant field, or equivalent work experience
  • Experience
    • In accordance with Department of Defense requirements, applicants for this role must be a U.S. citizen, national, or resident pursuant to 8 U.S.C. 1101(a)(20) and 8 U.S.C. 1324b(a)(3)
    • 4+ years of experience with security event prevention, detection, analysis, and response in public cloud environments:
      • At least 2 of those years must involve Azure Commercial Cloud security events
      • Familiar with security event investigations on Linux, serverless, and containerized workloads, such as Kubernetes, Docker, and AWS Lambda
    • 2+ years of experience with security engineering and design for building cloud-based systems for customers
    • Solid understanding of modern attacker tactics, techniques, and procedures (TTPs) (e.g. MITRE ATT&CK, building threat intelligence, etc.)
    • Experience building and operating a SIEM (e.g. Splunk, ELK) or cloud-based security analytics tools (e.g. Amazon Athena, Jupyter Notebook) for cloud detection and response
    • Experience designing and building defense-in-depth security monitoring to aid in detection, triage, analysis, and response
    • Experience working with industry security and risk standards (e.g. CIS Benchmarks, NIST CSF, FedRAMP Moderate, PCI DSS, SOC 2) for protecting sensitive data

About Tanium 

Tanium is the platform that the most demanding and complex organizations trust to gain visibility and control across all endpoints in on-premises, cloud and hybrid environments. Tanium addresses today’s increasing IT challenges with high fidelity endpoint data — giving IT operations, security and risk teams confidence to quickly manage, secure and protect their networks at scale. Nearly half of the Fortune 100, top retailers and financial institutions, and multiple branches of the U.S. Armed Forces trust Tanium to help see and control every endpoint, everywhere. That’s the power of certainty. Tanium has been named to the Forbes Cloud 100 list of “Top 100 Private Companies in Cloud Computing” for six consecutive years and ranks on FORTUNE’s list of the “Best Large Workplaces in Technology 2021.” Visit www.tanium.com and follow us on LinkedIn and Twitter.

On a mission. Together. 

At Tanium, we are stewards of a culture that emphasizes the importance of collaboration, respect, and diversity. In our pursuit of revolutionizing the way some of the largest enterprises and governments in the world solve their most difficult IT challenges, we are strengthened by our unique perspectives and by our collective actions.   

We are an organization with stakeholders around the world and it’s imperative that the diversity of our customers and communities is reflected internally in our team members. We strive to create a diverse and inclusive environment where everyone feels they have opportunities to succeed and grow because we know that only together can we do great things. 

Vaccine Mandate

At Tanium, the health and safety of our employees and the community are our top priority. In our effort to control the spread of Covid-19, Tanium requires that all newly hired employees be fully vaccinated for Covid-19 as of their start date, to the extent allowed by applicable law. If you are unable to get the Covid-19 vaccine due to a medical condition, disability, or sincerely held religious belief, Tanium will engage in the interactive process and consider requests for an accommodation.

Taking care of our team members 

Each of our team members has 5 days set aside as volunteer time off (VTO) to contribute to the communities they live in and give back to the causes they care about most.  

Perks/benefits: Career development Flex hours Flex vacation Health care Startup environment Team events

Regions: Remote/Anywhere North America
Country: United States