Senior Security Engineer - Cyber Threat Response

Company Description

At Xplor, we believe that helping people make the most of each day is the most rewarding way to spend ours.

We give small and medium-sized businesses cloud-based, intuitive technology solutions that enable them to manage all the hassles of running and growing a business, so business owners can get back to doing what they love. With Xplor Pay, we help businesses get paid quickly and securely – without hidden fees. We built the tech ourselves, and our platform delivers secure, transparent, fast, and accurate payments.

We are unified by our purpose of helping people to succeed. So, when you become part of our team, you also become part of the personal connection that strengthens the relationship people have with Xplor products.

Job Description

About the opportunity

Join our Central Technology Team to make a real impact every day. We say that because we know that every code line we write, every interface we design and every conversation we have, is another opportunity for us to enrich our customers’ experiences.

Our Security Engineers (CTR) are the front line for the security of our platforms and applications. The role prepares for, and responds to, security events and incidents across our systems.

*** MICROSOFT/AZURE SENTINEL EXPERIENCE PREFERRED***

Some of the other responsibilities include:

• Preserve the confidentiality, integrity and availability of our information so that it can be safely shared and used to drive our growth and innovation - enabling information confidence
• Mitigate the business loss arising from security issues by understanding security risk, monitoring for threats and responding to events appropriately within agreed hours
• Integration with our other security functions to ensure that attack patterns are catered for in defense.
• Improving Signal Noise Ratio, Developing Incident Response Workflows that can be automated.
• Perform security monitoring gap analysis using MITRE ATT&CK framework and build corresponding process/framework for continuous evaluation as well as increase detection coverage.
• Work collaboratively as part of the Cyber Threat Response team during incident response, event monitoring, and threat-hunting activities.
• Threat intelligence analysis, response and summary
• Cyber threat analysis support, research, and recommending appropriate remediation and mitigation.
• Deep understanding of several of the following fields: Email security (including PDF and Document analysis), digital media forensics, monitoring and detection, incident response, vulnerability assessment, penetration testing, cyber intelligence analysis, and network analysis
• Trending and correlation of monitored events to build new Indicators of Compromise (IOC), attack attribution, and helping establish countermeasures increasing cyber resiliency.
• Identification of advanced cyber threat activities, Endpoint Detection Response, intrusion detection, incident response, malware analysis, and security content development (e. g., signatures, rules, etc. )
• Being flexible to work through incidents as needed

About our Central Technology team

At Xplor, we have many different products and technologies. We have evolved from a bunch of start-ups to a single company with over 700 Xplorers who work in our CT team as one team across the world. You can find everything from super modern to older languages. We continue to iterate on our processes and technologies to find common ground between the different projects and product we have.

With this, we rely heavily on our engineers to be dynamic. Xplor is not the company (yet) where you’ll always have well-defined requirements and rigid processes. Our Engineers have a lot of input into the process and requirements. However, there can be challenges and ambiguity you as an Engineer have to overcome – and we know that’s not for everyone. The positive side of this is that you get to have a lot of say and ownership in the product and the process.

Qualifications

What would make me a good candidate?

We are looking for people who want to make a difference in Security.

Required qualifications for this role:

• Minimum of 2-4 years’ experience in Security Operations
• Ability to manage Security Incidents through the Incident Handling process.
• Basic level understanding of ATP, EDR, API Security, Identity Management.
• Security Incident Response and triage and able to do root cause analysis. Sound understanding of different log sources and event co-relations.
• Security use-case development and fine-tuning based on the requirements (hands-on experience with Microsoft Sentinel/Kusto Query language preferred).
• Developing and improving incident response plans and working with team to contain identified threats.
• Tuning threat detection to minimize noise and amplify a signal.
• Input to new SOC workflows/metrics, reports, dashboards and processes to improve SOC scalability and efficiency.
• Maintaining proficiency by following the latest trends and developments in cyber security.
• Perform security automation to solve security use cases within the organization & continually improve threat detection capability and accuracy.
• Domain knowledge of Cyber Security, Threat Hunting (Active hunting on network flow, user behavior and threat intelligence), SIEM - Azure Sentinel, Ability to Comprehend Logs (HTTP, SMTP, Network), Windows Active Directory, Operating systems and servers.
• Well-versed with different attack vectors/TTPs and be able to simulate non-invasive attack as needed.
• Ability to collaborate and implement new approaches for detecting attacks and effective containment techniques, including scripting, analytics, and automation.
• Experience working with a selection of SIEM, TIP, malware analysis, and multiple sources of threat intelligence to properly categorize suspicious behavior.
• The ability to communicate complicated technical issues and the risks they pose to developers, network engineers, system administrators, and management.
• Excellent written and verbal communication skills, interpersonal and collaborative skills.
• Must be a critical thinker, with strong problem-solving skills.
• Ability to work independently, enjoys learning, and stays current with industry developments, regulations, and best practices.
• Preferred Security certifications such as GCIH, AZ-500 & AZ-900, SC-100/SC-200
• Hands-on experience SIEM/SOAR with analysis and/or response to information security threats or incidents.
• Experience in performing performance health checks, tuning and optimization, Integrating log sources into SIEM/SOAR technologies.
• Install / configure / build / fine - tune the SIEM/SOAR tools to setup an effective information security support / operation.
• Hands-on knowledge of Correlation rules creation / Update / Deletion.
• Basic understanding of ITIL processes, ISO/PCI DSS, including Change Management, Incident Management, and Problem Management.

Desired Qualifications:

• Experience working with Jupyter Notebooks for threat hunting planning
• Knowledge of Python, Powershell

At Xplor, we believe that the best innovation and ideas happen at the intersections of our differences - people of diverse cultures, generations, disciplines, and lived experiences. So even if you think you do not tick all the boxes, we still encourage you to apply.

Additional Information

What does it mean to work for Xplor?

Our four core values - Make life simple, Build for people, Move with purpose and Create lasting communities - are key to who we are and guide us from how we hire to how we recognise our team members.

Life at Xplor

You’ll be part of a global network of talented colleagues who support your success. We look for commonalities and shared passions and give people the tools they need to deliver great work and grow at speed. 

Some of the perks of working with us: 

• Gender Neutral Paid Parental Leave for both primary and secondary career
• #GiveBackDays/Commitment to social impact – 3 extra days off to volunteer and give back to your local community
• Ongoing dedication to Diversity & Inclusion initiatives such as D&I Council, Global Mentorship Program
• Access to free mental health support
• Flexible working arrangements

The average base salary pay range for this role is between 75000 and 95,000$ CAD

May be considered for a discretionary bonus 

#LI-remote

We understand that diverse candidates have diverse needs. We welcome you to inform us of any additional needs related to completing your job application or participating in the interview process, via talent@xplortechnologies.com. 

More about us 

Xplor Technologies is a global platform integrating SaaS solutions, embedded payments, and Commerce Accelerating Technologies to help businesses succeed. Xplor provides enterprise-grade SaaS solutions for businesses in “everyday life” verticals: Childcare & Education; Fitness & Wellbeing, Field Services and Personal Services – and a global cloud-based payment processing platform.

Xplor Technologies serves over 78,000 customers that processed over $36 billion in payments, operating across 20 markets in 2022. 

Good to know

To be considered for employment, you must be legally authorized to work in the location (country) you're applying for. Xplor does not sponsor visas, either at the time of hire or at any later time. 

We kindly ask you to apply through our careers portal or external job boards only. Please don't send your application via email. 

To learn more about us and our products, please visit www.xplortechnologies.com/us/careers. 

We also invite you to check out our Candidate FAQs for more information about our recruitment process www.xplortechnologies.com/us/recruitment-faqs.

Xplor is proud to be an Equal Employment Opportunity employer. We're dedicated to attracting, retaining and developing our people regardless of gender identity, ethnicity, sexual orientation, disability, and age. Applications are encouraged from all sectors of the community.

We are a 2024 Circle Back Initiative Employer – we commit to respond to every applicant.