Senior Cloud Security Engineer, TDIR

Remote, US

Applications have closed

The Basics:

The Senior Cloud Security Engineer, Threat Detection and Incident Response (TDIR) will work closely with Software Engineers, Security Engineers, Compliance, and Legal teams to support threat detection and response engineering for Tanium’s cloud services in Azure Commercial Cloud and Amazon Web Services. You will be an integral part of Tanium's cloud engineering process, helping us design and implement secure systems while providing feedback on Tanium’s services for TDIR. You will be responding to threats, building advanced and novel detection mechanisms, performing investigations of sophisticated and previously unknown malware, and developing systems to automate detection and remediation to protect Tanium’s cloud services.

A successful candidate will have experience building and operating as a cloud security engineer in a DevOps environment, establishing and maturing investigation and response efforts, and will serve as the primary expert for Azure Commercial Cloud security investigations and response, drawing upon automation and cross-functional partnerships to create scalable and resilient operational capabilities.

What you’ll do:

  • Align with the organization’s vision and strategy while collaborating with our teams and stakeholders to develop and deliver specific, multi-year roadmaps, programs, and projects
  • Ensure prioritization, resourcing, and timely delivery of this work within a changing business environment
  • Collaborate with software, production, and other security engineering teams to develop scalable and flexible solutions against everything from low-level actors to nation-state actors
  • Proactively identify risks and malicious activity in our cloud infrastructure and systems
  • Analyze systems, logs, packets, and alerts for signs of malicious activity
  • Create custom signatures and tools to analyze and detect malicious activity
  • Build automation for response and remediation of malicious activity
  • Drive implementation of countermeasures, mitigations, and containment
  • Build, cultivate, and maintain positive relationships with internal customers to identify and facilitate solutions to increase the impact of the team's work
  • Provide feedback from real-world experience into Tanium cloud services to improve TDIR capabilities for customers

We’re looking for someone with:

  • Education
    • Bachelor's degree in Computer Science, IT, or another relevant field, or equivalent work experience
  • Experience
    • In accordance with Department of Defense requirements, applicants for this role must be a U.S. citizen, national, or resident pursuant to 8 U.S.C. 1101(a)(20) and 8 U.S.C. 1324b(a)(3)
    • 4+ years of experience with security event prevention, detection, analysis, and response in public cloud environments:
      • At least 2 of those years must involve Azure Commercial Cloud security events
      • Must have experience with security event investigations on Linux
      • Experience with serverless and containerized workloads, such as Kubernetes, Docker, and AWS Lambda (preferred)
    • 2+ years of experience with security engineering and design for building cloud-based systems for customers
    • Solid understanding of modern attacker tactics, techniques, and procedures (TTPs) (e.g. MITRE ATT&CK, building threat intelligence, etc.)
    • Experience scripting in Python or Bash
    • Experience building and operating SIEM tools (e.g., Splunk, ELK) or cloud-based security analytics tools (e.g., Athena, Jupyter Notebook) for cloud detection and response
    • Experience designing and building defense-in-depth security monitoring to aid in detection, triage, analysis, and response
    • Experience working with industry security and risk standards (e.g., CIS Benchmarks, NIST CSF, FedRAMP Moderate, PCI DSS, SOC 2) for sensitive data protection

About Tanium

Tanium, the industry’s only provider of converged endpoint management (XEM), leads the paradigm shift in legacy approaches to managing complex security and technology environments. Only Tanium protects every team, endpoint, and workflow from cyber threats by integrating IT, Operations, Security, and Risk into a single platform that delivers comprehensive visibility across devices, a unified set of controls, and a common taxonomy for a single shared purpose: to protect critical information and infrastructure at scale. Tanium has been named to the Forbes Cloud 100 list for six consecutive years and ranks on Fortune’s list of the Best Large Workplaces in Technology. In fact, more than half of the Fortune 100 and the U.S. armed forces trust Tanium to protect people; defend data; secure systems; and see and control every endpoint, team, and workflow everywhere. That’s the power of certainty. Visit www.tanium.com and follow us on LinkedIn and Twitter.

On a mission. Together.

At Tanium, we are stewards of a culture that emphasizes the importance of collaboration, respect, and diversity. In our pursuit of revolutionizing the way some of the largest enterprises and governments in the world solve their most difficult IT challenges, we are strengthened by our unique perspectives and by our collective actions.

We are an organization with stakeholders around the world, and it’s imperative that the diversity of our customers and communities is reflected internally in our team members. We strive to create a diverse and inclusive environment where everyone feels they have opportunities to succeed and grow, because we know that only together can we do great things.

Vaccine Mandate

At Tanium, the health and safety of our employees and the community are our top priority. In our effort to control the spread of Covid-19, Tanium requires that all newly hired employees be fully vaccinated for Covid-19 as of their start date, to the extent allowed by applicable law. If you are unable to get the Covid-19 vaccine due to a medical condition, disability, or sincerely held religious belief, Tanium will engage in the interactive process and consider requests for an accommodation.

Taking care of our team members

Each of our team members has 5 days set aside as volunteer time off (VTO) to contribute to the communities they live in and give back to the causes they care about most.

Perks/benefits: Flex hours Flex vacation Startup environment Team events

Regions: Remote/Anywhere North America
Country: United States