Intro to Security and Privacy Engineering
Our Security and Privacy Engineering team is here to make sure that we remain a secure and trusted partner for all of these businesses as we grow. We believe security and privacy works best when it is part of the product, so we focus on inspiring autonomous teams to take shared responsibility for security and privacy.
As a Cloud Security Operations Analyst you will participate in the design, development and implementation of cloud security architecture, strategy and standards.
You provide subject matter expertise on our security detection and response capabilities, you will identify, evaluate and communicate cloud-related risks and vulnerabilities and recommended mitigations.
We run a small, collaborative team, so you will be involved in the end-to-end process of security operations; from defining our security use cases through to incident response.
Your background will ideally be in cloud security operations or as a SOC analyst. In any case, you will be experienced using cloud-native services and environments (GKE, GCS) and performing incident response in the cloud.
We want people who can help make security part of our day-to-day operations, so you will be someone who enjoys working across team, function and group to improve the security posture of an organisation.
In this role you will:
- Work closely with the security operations manager to ensure we take a data driven approach to presenting our cloud security posture
- Take a prominent role in reviewing the existing cloud security measures and processes, ensure the appropriate tooling, automation and operational processes and models are in place
- Recommend security configuration standards and best practices for cloud services (Google and AWS)
- Create actionable alerts in SIEM based on received cloud log events
- Analyse logs from multiple sources (eg: IDS, endpoints, email) to identify and investigate security events and anomalies
- Work closely with other security operations engineers to review and onboard security tools as we identify new requirements
- Run day-to-day security operations activities. This could be anything from responding to one of our users who was concerned about a suspicious email, to preparing a threat report or responding to a security incident
- Prove the ability to work creatively and analytically in a problem-solving environment
- Knowledge of recommended cloud security controls, fundamentals and best practices
- Experience using SIEM tools (ideally Splunk) to develop security monitoring cases and writing scripts to automate tasks
- Ability in using EDR or IDS/IPS tools
- Previous incident response experience in cloud environments
- Good fundamental knowledge on information security
- Excellent written and verbal communications skills to describe security event details and technical analysis with audiences within the cybersecurity organisation and other technology groups
What we have to offer:
Among other things:
- Focus on your growth and development: regular discussions with your manager about your personal goals, feedback, coaching, learning and conference budget.
- A clear career progression: opportunities for growth and leadership aligned to our competencies framework.
- Ownership and freedom: we give people problems to solve rather than specifications to implement, end to end ownership (deciding on the solution, implementing it, releasing it, maintaining it)
- Good work-life balance
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided