Security Engineer – Security Operations, Zero Trust

Job Description: • Review, design, and implementation of new Security Tools - support administration across tools such as SIEM, EDR, CNAAP, Email Security, and others. • Support security and risk assessments for new tools, vendors, and relationships with broader Security and IT team. • Assist in development of new threat detections, playbooks, and automated response/remediation • Support triage and response of security alerts, as an escalation point from the broader team. • Participate in supporting security on-call rotation • Strengthen Zero Trust posture by expanding usage of Cloudflare WARP, WAF, other Zero Trust tooling and principles • Collaborate with the IT team to enhance endpoint security policies within EDR tools such as SentinelOne, Crowdstrike, as well as secure hardening standards into MDM • Support design and implementation of IAM best practices/principles for workforce and client identity, leveraging tools such as; Google IDP, Okta, Auth0, Zitadel • Mature Zero Trust alerts and controls across risk-based alerting, posture checks • Incorporation of Zero Trust principles into new programs and architecture designs • Support application security program strategy and implementation, including but not limited to various controls towards a “shift-left” security model, Security Champions program, adoption and implementation of SAST, DAST, other application security tools. • Assist in maturation of the Secure SDLC, including threat modeling, security architecture and requirements guidance, as well as secure code development training. • Work directly with developers to triage findings, provide remediation guidance, and foster a security-first culture. • Manual testing support for light red teaming such as POC’ing vulnerabilities, leading penetration tests via vendor engagements and/or internally led testing, and validating security findings. • Partner with Engineering, DevOps, to secure GCP, AWS environments • Leverage Cloud Security tools such as CNAAP, to remediate discovered misconfigurations, vulnerabilities, and triage of Cloud Security alerts. • Support development and implement secure infrastructure baselines, vulnerability management processes, secrets managements, IAM, and hardening standards within the cloud environment. • Incorporation of shift-left security tests and controls, into CI/CD pipelines • Help expand monitoring capabilities within tools such as SIEM, CNAAP, including implementation of required cloud architecture/logging, onboarding of log sources to security tools, and detection rules for cloud-based threats. Requirements: • 3-5 years of hands-on experience in a security engineering role, preferably within a cloud-native, startup environment • Deep experience building or contributing to a Security Operations program, leveraging/administering SIEM, EDR, CNAAP, Email Security, and SOAR tools. • Hands-on experience building and tuning threat detections, partnering with Security Analysts to improve/automate runbooks and response actions. • Demonstrated experience implementing tools and controls to support Zero Trust, with tools such as Cloudflare, IAM architecture and protocols, risk and posture based alerting, and workforce/customer identity solutions. • Proficiency in at least one scripting language (e.g., Python, Bash) to automate security tasks and processes, ability to implement and support detection-as-code and infrastructure-as-code where applicable. • Excellent problem-solving skills and the ability to work collaboratively with both technical (Engineering) and non-technical (GTM) teams. • Ability to drive new projects, self-starter, with minimal supervision • A proactive, "builder" mindset with a passion for improving processes, reducing risk. • Familiarity with Infrastructure as Code (IaC) and its security implications (e.g., Terraform). • Knowledge of compliance frameworks such as SOC 2, GDPR, NIST CSF • Familiarity with common application development languages such as Java or JavaScript • Understanding of system and architecture design principles, from code to cloud • Relevant industry certifications (e.g., GCLD, GCP Cloud Security Engineer, GCSA). Benefits: • Comprehensive Medical, Dental, and Vision plans with a 100% employer-paid monthly premium option for employees & 50% employer-paid monthly premiums for dependents. • Health Savings Account with company contribution for eligible medical plans. • Flexible Vacation Plan • 10 Paid Company Holidays • 100% employer-paid Life, AD&D and Short- and Long-Term Disability Insurance • 401k with Traditional and Roth options, including employer match. • Company Equity • Paid Parental and Pregnancy Recovery Leave • Company and team off-sites and virtual events throughout the year • Home office stipend Apply tot his job Apply To this Job