Security Operations Team Lead (remote)

Percona is experiencing significant growth as we continue to mature our IT Security practices and as the company transitions to a software-led organization.
The mission of the  Security Operation Team Lead is to ensure the overall security of Percona’s information, with a focus on customer information.  This is accomplished by managing our Security Operations team of Security Engineers, working closely with our Legal and Compliance team, as well as developing, maintaining, and often running, best practice industry-standard security practices and procedures across all Percona.
The primary function of this position is to lead the team as well as participate in investigations, identification and reporting on cyber threats,  focusing on protecting our clients from bad actors or a cyber threat actor (CTA). You will coordinate resources during incident response efforts, assist with classifying security events, develop remediation guidance, support documentation and client reporting deliverables, and assist with system security compliance. To achieve this, the Security Operation Team Lead will interact with different teams at Percona to ensure the existing security controls are functional and new security controls are implemented to maintain a strong overall security posture.

What You Will Do

• Provide leadership to a highly technical Security Operations team, to ensure the focus on the most important activities, maximizing their technical talent as well as their professional development
• Build the Security Operations Center as the company’s needs grow and change
• Provide security monitoring and incident response of cyber security events for both internal land external customers
• Respond to cyber security incident tickets,  monitor security logs and provide analysis and trending of security log data from security devices as well as various security tool portals
• Monitor and analyze Security Information and Event Management (SIEM) alerts to identify security issues for remediation and investigate events and incidents
• Tune rules and thresholds to improve the effectiveness of security alerts
• Prepare reports of analysis and results to provide briefings to management and clients
• Provide Incident Response support when analysis confirms actionable incidentInvestigate, document, and report on information security issues and emerging trends
• Mentor junior staff, interns and security engineers
• Improve our Security communication posture to Percona staff, customers, and our broader Percona user community.  This can include, but is not limited to, Training, Blog posts, Presentations, Sales calls, etc
• Work with the Legal, Security Compliance, and Engineering teams to ensure a fully managed application code security program including a System Development Lifecycle (SDLC) is implemented that includes, DAST, SAST, SCA and IAST code scanning and remediation
• Perform technical Security reviews of vendor products and services
• Develop Security solutions to help improve internal Security posture and customer experience
• Lead and participate in Internal & External Penetration tests in a managed, structured and recurring fashion.

What You Have Done

• 5+ years of Information Security experience
• 1-2+ years of Team management
• Strong English communication skills including the ability to present technical information to non-technical audiences. Enthusiastic about documentation.  Great at bridging the gap between technical and business audiences.
• Strong hands-on experience with Linux, Linux scripting, and  application security (DAST, SAST, SCA and IAST)
• Experience as a Senior Security Analyst leading a team
• Experience with Security Operations Center, network event analysis and/or threat analysis
• Experience working as an Incident Responder
• Knowledge of various security methodologies and technical security solutions
• Experience analyzing data from cybersecurity monitoring tools
• Ability to analyze endpoint, network, and application logs
• Experience tuning and/or configuring SIEM and vulnerability tools
• Nice to have experience with threat hunting

What Will Make You Stand Out

• Security Engineering technical background. 
• Experience with containerization, orchestration tools,  Docker, Kubernetes, etc. a plus
• Experience wearing many hats in a small/medium-sized organization
• Experience in working with cloud environments, in particular, AWS and GCP
• Strong hands-on experience with Linux, and application security (DAST, SAST, SCA and IAST)ITIL/ITSM experience/familiarity
• Experience with organization-wide Identity Access Management systems and Security tools for data loss prevention, security training, vulnerability scanning and threat modelling
• Security Certifications:  CISSP

Percona is a highly respected thought leader in the global open-source community. Our mission is to Keep Open Source Open. We provide services and software for MySQL®, MongoDB®, PostgreSQL® and other open source databases on premises and in cloud environments..
Percona is remote-only and globally dispersed – we have colleagues in more than 40 countries! We offer a collaborative, highly-engaged culture where your ideas are welcome and your voice is heard.
If you love the idea of working with a high-growth tech company that is one of the best in the business and known globally as a go-to in the open-source database space, let’s talk.