Security Operations Engineer II
Krakow, Poland
Applications have closed
Qualtrics
Know what your customers and employees need, when they need it, and deliver it every time with powerful, AI-driven Experience Management (XM) software.
The Challenge
Qualtrics is growing exponentially, and that growth means constantly finding and eradicating threats to our systems. We must continuously evaluate how we secure systems, identify potential threats, and implement the alerts and tooling necessary to help us maintain a strong security posture at scale. We are looking for an experienced engineer to join our security operations center / incident response team who can work with others across the organization, react to alerts, hunt for threats, respond to incidents, and create and implement technical solutions that improve our ability to identify, stop, and eliminate potential threats.
Expectations for Success
- Minimum of a BS degree, preferably in IT Engineering, Computer Science, or any other IT-related field of study
- 3+ years of experience in the Information Security field
- Ability to lead an Incident Response Team and respond to emergency calls during non-business hours, as needed
- Ability to react quickly, decisively, and deliberately
- Proactive, self-managed, and able to interface well with interdisciplinary teams across the organization, including executive leadership
- Experience performing analysis utilizing SIEM, SOAR, and HIDS/HIPS technologies
- Experience performing analysis utilizing IDS/AV/Firewall consoles
- Experience with cloud computing and AWS services
- Prior Security Engineer and/or SOC and/or Incident Response experience preferred
- Excellent verbal and written communication skills
- Strong understanding of networking and associated protocols
- Development skills including scripting (e.g. Python, shell scripting)
- Experience with MITRE ATT&CK and Cyber Kill Chain, including Tactics, Techniques, and Procedures (TTPs)
- Knowledge of STIX/TAXII, SIGMA, DISA STIGs
- Experience with multiple operating systems, with system administrator-level skills on macOS and Linux
- GIAC, or other security certification is a plus, but not required
A Day in the Life
- Performs Level 2 SOC/IR and shift lead duties as part of a 24/7 security incident watch team in a multi-timezone follow-the-sun rotation
- Provides leadership, mentoring, and training to SOC/IR team personnel, to other Qualtrics stakeholders, and to the Qualtrics Information Security Team
- Performs network and endpoint forensics to establish attack scope and root cause
- Develops attack remediation strategies
- Ensures communication and escalation of security activities to leadership
- Performs additional analysis of escalations from SOC engineers and conducts incident reviews
- Identifies and develops workflow automation to lower response times
- Develops and improves incident handling processes, standard operating procedures, playbooks, and automation
- Provides onboarding training and coaching for junior SOC/IR Engineers
- Supports FedRAMP, ISO 27001, SOC, HITRUST, and other audit activities for security operations and incident response
What differentiates us from other companies
- In the Qualtrics SOC, all team members know how to code - we don't have pure "Security Analyst" positions. We believe that through automation we can detect and respond to threats better than typical SOCs.
- Work-life integration is deeply important to us - we have frequent office events, team outings, and happy hours.
- We take pride in our office design, which aims to cultivate creativity, from our rooftop views to an open and collaborative workspace.
- On top of our standard benefits package (medical, dental, vision, life insurance, etc.), we provide snacks, drinks, and free lunches in our office.
- We believe in sharing Qualtrics' success - RSUs are part of the compensation for all employees.
Tags: Automation AWS Cloud Computer Science Cyber Kill Chain FedRAMP Firewalls Forensics GIAC HITRUST IDS Incident response ISO 27001 Linux MacOS MITRE ATT&CK Python Scripting SIEM SOAR TTPs
Perks/benefits: Health care Team events