SANS ISC: InfoSec Jobs

Senior Security Operations Engineer
Company: Zendesk
Location: Madison, WI or Remote
Preferred GIAC Certifications: GSEC, GCIA, GCIH, GCFA
Travel: 0%
Salary: Not provided
URL: https://jobs.zendesk.com/us/en/job/R12400/Senior-Security-Operations-Engineer
Contact Name: Maarten Van Horenbeeck
Contact Email: mvanhorenbeeck/at/zendesk.com
Expires: 2020-11-22

Job Description

The Senior Security Operations Engineer proactively handles and supports SecOps infrastructure to ensure systems remain reliable and available for investigations. The successful candidate will maintain all systems owned by security operations, participate in security alert triage, troubleshoot security device monitoring, and investigate incidents using infrastructure and application logs from across the enterprise. In addition, the Security Operations Engineer will initiate and resolve security operations activities and serve as a technical leader for the operations team.

What you get to do every day:
- Act as a point of escalation for investigation of system and network security events.
- Architect, build, and support security operations infrastructure.
- Continually develop and maintain SIEM architecture.
- Perform forensic investigations; identify attack vectors and mitigation tactics.
- Spread security awareness through tech talks, lunch and learns, and community involvement.
- Monitor and analyze network security events.
- Develop and maintain various security-related tools, automations, and integrations.
- Investigate security alerts and reports to ensure the integrity of the Zendesk platform.
- Support various compliance standards (SOX, SOC2, PCI, FedRAMP).
- Take part in the on-call rotation.

What you bring to the role:
- 2+ years of hands-on experience with advanced SIEM in a versatile, fast-paced, enterprise environment.
- Experience configuring and using logging, monitoring and alerting solutions to identify security events.
- Conceptual knowledge of different areas of computer security (network, application, cryptography, forensics, incident response, etc.).
- Basic understanding of computer networks (VLAN, IP addressing, security zones of trust, etc.).
- Understanding of common security attacks (DNS cache poisoning, ARP spoofing, DDoS, XSS, CSRF, SQL injection, etc.).
- Knowledge of *nix operating systems and commands.
- Basic programming and scripting skills, including the ability to write regular expressions (Python, Node.js, Bash, Ruby and/or other programming languages).
- Excellent oral, written and documentation skills (a sense of humor never hurts as well!).
- Undergraduate degree required; B.S./B.A. in Computer Science or Computer Engineering preferred.
- Professional security certifications are a plus.
- Excited to learn, work, grow, and advance your career.
- A self-starter mentality and a creative outlook on how to approach security.
- Ideally GIAC certifications such as GSEC, GCIA, GCIH, GCFA, or a specialization in cloud security.