Security Operations Engineer
United States - Remote
Applications have closed
FormAssembly Inc.
FormAssembly is seeking an experienced Security Operations Engineer with exceptional technical skills to join our Security and Compliance department. As a Security Operations Engineer, your role will be to work with other business units to ensure the highest level of security and compliance obligations are met.
We seek a motivated self-starter and team player to lead several aspects of security and compliance at FormAssembly. Responsibilities include ensuring FormAssembly meets the highest security standards, administering security audits, making infrastructure improvements, and helping achieve/maintain security standards such as PCI DSS Level 1, ISO-27001, HIPAA, GDPR, FedRAMP and others.
About Us:
FormAssembly is a 100% remote, fast-growing SaaS company with teammates all over the world that come together every day to help customers streamline data collection processes. We’re chasing major growth goals year after year, and we’re looking for talented, driven individuals to join our dynamic team.
FormAssembly works with 5,000+ leading companies worldwide to help them collect data quickly and securely, including Amazon, PayPal, Dell, Harvard, and more. We have been recognized in the 2020 Inc. 5000 list of fastest growing private companies for four years in a row, and we are a G2 Crowd Winter 2021 Leader. As we grow rapidly and adapt our product to better serve our impressive roster of customers, we’re also dedicated to fostering community and building relationships with our coworkers.
For a glimpse at what it’s like to work at a SaaS company with 35% year over year growth and teammates from all over the world who live out our core values of transparency, accountability, curiosity, ambition, composure, and kindness, learn about our awesome team and how and why we work remotely.
If you share our core values and want to work together to build something great for our customers, we’d be thrilled to have you apply for this position. FormAssembly is an equal opportunity employer. If you belong to an under-represented group in tech, you’ll find a welcoming culture that thrives on diversity.
This is a full-time position, open to most locations (working remotely from home).
About this position:
- This is a lead technical role, requiring technical hands-on experience with SaaS providers.
- The Security Engineer candidate will have experience building and architecting security operations and response programs as part of a small team with shared responsibilities. This individual will also help drive system improvements with our products and infrastructure teams.
- An ideal candidate will work effectively with security and engineering teams to design security tools, automate where we can, and assist development teams in improvement planning.
Requirements
Requirements:
- 5+ years of experience in designing, configuring, and operating security event platforms (such as Elastic SIEM, Splunk, SumoLogic, or AlienVault)
- 5+ years of experience working with secure code development tools such as Snyk, SonarQube, or similar
- 3+ years experience with identity management tools such as Keycloak or Auth0
- Experience in Laravel and Cake PHP frameworks, Amazon AWS tools such as SecurityHub and GuardDuty, and basic scripting knowledge
- Familiarity with compliance standards such as CIS benchmarks for Cloud providers, PCI DSS Level 1, ISO-27001, HIPAA, GDPR, FedRAMP and others.
Preferred Certifications:
- AWS Certified Cloud Practitioner
- AWS Certified Security Specialist
- Certified Cloud Security Professional (CCSP)
- Offensive Security Certified Professional (OSCP), or similar
In this position you will:
- Drive our security event management platform and SIEM by working alongside IT, Engineering, and Product teams to identify/configure log repositories, forwarders, and correlation/response rules
- Validate product security configuration and standards, execute security testing, and work with product/engineering teams to prioritize improvements in our code development processes
- Continually monitor, test and harden our infrastructure security in AWS.
- Support SDLC optimization and code scanning processes
- Work alongside our compliance team to prioritize key risk areas, and respond to technical inquiries from our Enterprise and Government customers.
- Share responsibilities for investigating and responding to security events
- Participate in audits such as SOC 2, PCI-DSS, ISO-27001, etc as needed
Benefits
FormAssembly offers several benefits that help to facilitate a healthy team, personal growth, and a work-life balance, all of which contribute to creating a more engaged and passionate workforce.
- Health benefits (health, dental, vision) for team members based in the United States
- 401(k) with 4% company match for team members based in the United States
- Unlimited paid vacation and 9 company holidays
- Flexible work schedule
- Paid parental leave
- Charitable contribution match
- Budget for professional development
- Company provided Mac laptop
You'll be joining a talented and fun team, working together to build something great!
Tags: AlienVault Audits AWS CCSP Cloud Compliance FedRAMP GDPR HIPAA Offensive security OSCP PCI DSS PHP Product security SaaS Scripting SDLC SIEM SOC SOC 2 SonarQube Splunk
Perks/benefits: 401(k) matching Career development Flex hours Flex vacation Gear Health care Parental leave Startup environment Team events Unlimited paid time off
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open ISO 27001-related jobs
- Open Clearance-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs