Security Operations Engineer II

Krakow, Poland

Applications have closed

Qualtrics

Know what your customers and employees need, when they need it, and deliver it every time with powerful, AI driven Experience Management (XM) software.


The Challenge

Qualtrics is growing exponentially, and that growth means constantly finding and eradicating threats to our systems. We must continuously evaluate how we secure systems, identify potential threats, and implement the alerts and tooling necessary to maintain a strong security posture at scale. We are looking for an experienced engineer to join our security operations center / incident response team who can work with others across the organization, react to alerts, hunt for threats, respond to incidents, and create and implement technical solutions that improve our ability to identify, stop, and eliminate potential threats.

Expectations for Success

  • Minimum of a BS degree, preferably in IT Engineering, Computer Science, or any other IT-related field of study
  • 3+ years of experience in the Information Security field
  • Ability to lead an Incident Response Team and respond to emergency calls during non-business hours, as needed.
  • Possess the ability to react quickly, decisively, and deliberately.
  • Proactive, self-managed, and able to interface well with interdisciplinary teams across the organization, including executive leadership
  • Experience performing analysis utilizing SIEM, SOAR, and HIDS/HIPS technologies
  • Experience performing analysis utilizing IDS/AV/Firewall consoles
  • Experience with cloud computing and AWS services
  • Prior Security Engineer and/or SOC and/or Incident Response experience preferred.
  • Excellent verbal and written communication skills.
  • Strong understanding of networking and associated protocols
  • Development skills including scripting (e.g. Python, shell scripting)
  • Experience with MITRE ATT&CK and Cyber Kill Chain, including Tactics, Techniques, and Procedures (TTPs)
  • Knowledge of STIX/TAXII, SIGMA, DISA STIGs
  • Experience with Multiple Operating Systems with a System Administrator level skill set on MacOS and Linux
  • GIAC, or other security certification is a plus, but not required

A Day in the Life

  • Performs Level 2 SOC/IR and shift lead duties as part of a 24/7 security incident watch team in a multi-timezone follow-the-sun rotation.
  • Provides leadership, mentoring, and training to SOC/IR team personnel, to other Qualtrics stakeholders, and to the Qualtrics Information Security Team.
  • Performs network and endpoint forensics to establish attack scope and root cause.
  • Develops attack remediation strategies.
  • Ensures communication and escalation of security activities to leadership.
  • Performs additional analysis of escalations from SOC engineers and conducts incident reviews.
  • Identifies and develops workflow automation to shorten response times.
  • Develops and improves incident handling processes, standard operating procedures, playbooks, and automation.
  • Provides onboarding training and coaching for junior SOC/IR Engineers.
  • Supports FedRAMP, ISO 27001, SOC, HITRUST, and other audit activities for security operations and incident response.

What differentiates us from other companies

  • In Qualtrics SOC, all team members know how to code - we don't have pure "Security Analyst" positions. We believe that through automation we can detect and respond to threats better than typical SOCs.
  • Work-life integration is deeply important to us - we have frequent office events, team outings, and happy hours.
  • We take pride in our offices' design, which aims to cultivate creativity, from our rooftop views to an open and collaborative workspace.
  • On top of our standard benefits package (medical, dental, vision, life insurance, etc) we provide snacks, drinks, and free lunches in our office.
  • We believe in sharing Qualtrics’ success - RSU is a part of the compensation for all employees.

Tags: Automation AWS Cloud Computer Science Cyber Kill Chain FedRAMP Firewalls Forensics GIAC HITRUST IDS Incident response ISO 27001 Linux MacOS MITRE ATT&CK Python Scripting SIEM SOAR TTPs

Perks/benefits: Health care Team events

Region: Europe
Country: Poland
