Security Operations Engineer I - Provo
Provo, Utah, United States
Qualtrics
Know what your customers and employees need, when they need it, and deliver it every time with powerful, AI-driven Experience Management (XM) software.
At Qualtrics, we create software the world’s best brands use to deliver exceptional frontline experiences, build high-performing teams, and design products people love. But we are more than a platform—we are the creators and stewards of the Experience Management category serving over 18K clients globally. Building a category takes grit, determination, and a disdain for convention—but most of all it requires close-knit, high-functioning teams with an unwavering dedication to serving our customers.
When you join one of our teams, you’ll be part of a nimble group that’s empowered to set aggressive goals and move fast to achieve them. Strategic risks are encouraged and complex problems are solved together, by passing the mic and iterating until the best solution comes to light. You won’t have to look to find growth opportunities—ready or not, they’ll find you. From retail to government to healthcare, we’re on a mission to bring humanity, connection, and empathy back to business. Join over 6,000 people across the globe who think that’s work worth doing.
Why We Have This Role
Qualtrics is growing exponentially, and that growth means constantly finding and eradicating threats to our systems. We must continuously evaluate how we secure systems, identify potential threats, and implement the alerts and tooling necessary to maintain a strong security posture at scale. We are looking for an experienced engineer to join our security operations center / incident response team who can work with others across the organization, react to alerts, hunt for threats, respond to incidents, and create and implement technical solutions that improve our ability to identify, stop, and eliminate potential threats.
How You’ll Find Success
- Ability to lead an Incident Response Team and respond to emergency calls during non-business hours, as needed.
- Possess the ability to react quickly, decisively, and deliberately.
- Excellent verbal and written communication skills.
- Proactive, self-managed, and able to interface well with interdisciplinary teams across the organization, including executive leadership.
How You’ll Grow
- You’ll increase your technical expertise by operating a wide range of technologies to solve modern security problems in a fast-paced SaaS environment.
- You’ll improve your security expertise by responding to real-world security threats across the Qualtrics enterprise and application.
- You’ll learn to reduce security risks by collaboratively partnering with a globally distributed team.
- You’ll gain expertise around the Qualtrics XM Platform.
Things You’ll Do
- Performs Level 1 SOC/IR and shift lead duties as a part of a 24/7 security incident watch team in a multi-timezone follow-the-sun rotation.
- Provides leadership, mentoring, and training to SOC/IR team personnel and to other Qualtrics stakeholders and the Qualtrics Information Security Team.
- Provides onboarding training and coaching for junior SOC/IR Engineers.
- Performs network and endpoint forensics to establish attack scope and root cause analyses.
- Ensures communication and escalation of security activities to leadership.
- Performs additional analysis of escalations from SOC engineers and conducts incident review.
- Leads development of workflow automation to reduce response times.
- Develops and improves attack remediation strategies, incident handling processes, standard operating procedures, playbooks, and automations.
- Identifies alerting gaps and develops strategies to increase threat detection coverage.
- Supports FedRAMP, ISO 27001, SOC, HITRUST, and other audit activities for security operations and incident response.
What We’re Looking For On Your Resume
- Minimum of a BS degree, preferably in IT Engineering, Computer Science, or any other IT-related field of study.
- 0-1+ years of experience in the Information Security field.
- 0-1+ years of prior SOC and/or Incident Response experience.
- Experience performing analysis utilizing IDS/AV/Firewall consoles.
- Experience with cloud computing and AWS services.
- Strong understanding of networking and associated protocols.
- Development skills including scripting (e.g. Python, shell scripting).
- Experience with MITRE ATT&CK and Cyber Kill Chain, including Tactics, Techniques, and Procedures (TTPs).
- Knowledge of STIX/TAXII, SIGMA, DISA STIGs.
- Experience with multiple operating systems, with a system-administrator-level skill set on macOS and Linux.
What You Should Know About This Team
- In Qualtrics SOC, all team members know how to code - we don't have pure "Security Analyst" positions. We believe that through automation we can detect and respond to threats better than typical SOCs.
Our Team’s Favorite Perks and Benefits
- Work-life integration is deeply important to us - we have frequent office events, team outings, and happy hours.
- We take pride in our office design, which aims to cultivate creativity, from our rooftop views to an open and collaborative workspace.
- On top of the standard benefits package (medical, dental, vision, life insurance, etc.) we provide snacks, drinks, and free lunches in our office.
- We believe in sharing Qualtrics’ success - RSU is a part of the compensation for all employees.
Qualtrics is an equal opportunity employer meaning that all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other protected characteristic.
Qualtrics is committed to the inclusion of all qualified individuals. As part of this commitment, Qualtrics will ensure that persons with disabilities are provided with reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please let your Qualtrics contact/recruiter know.
Qualtrics Work Experience - As we look to the future, we believe that our teams are better together. Being together will help us learn more, grow faster, and ultimately deliver better results for our customers and Qualtrics. Roles tied to an office location work 4 days per week in the office together and 1 day from home, with a strong spirit of flexibility around taking time for personal, health, and family moments in our work weeks. Our managers work with their teams to create a collaborative, engaged work environment and an arrangement that works for each of our team members.