SecOps Security Operations Engineer

Yesterday

Apply Now

Receive Emails with Similar Jobs

Tixr

WebsiteLinkedInAll Job Openings

Event Ticketing • Analytics • CRM • Event Sales • Event Management

51 - 200 employees

Founded 2013

🛍️ eCommerce

👥 B2C

💰 Venture Round on 2016-07

Description

• Lead hands-on efforts to protect and defend Tixr’s network boundaries. • Keep computer, network, and cloud systems hardened against malicious activity. • Provide security services that protect customer sensitive information. • Work with all layers and components of the technology stack and actively monitor systems for attacks and intrusions. • Own, facilitate, and drive the resolution of security incidents. • Implement security toolsets and address policy questions. • Work with software engineers to identify and remediate security flaws. • Focus on scaling and automating security infrastructure and processes. • Solve user and corporate security concerns. • Investigate security incidents and perform security gap analysis.

Requirements

• Using, managing, and securing cloud services and platforms that are SaaS, IaaS, etc... • Experience with security concepts in AWS and with the available security tools, such as Inspector, GuardDuty, Macie, Config, CloudFormation, CloudWatch, CloudTrail, Trusted Advisor, WAF, etc… • Administering and effectively managing monitoring and intrusion detection systems. • Deploying identity and access management services including Single Sign On (SSO) frameworks and mechanisms such as OAuth, SAML, etc... • Log management and security analytics tools, including open source • Skillful in integrating security in CI/CD pipelines for Infrastructure as Code (IaC) (running unit tests, running security tools, managing secrets) using configuration management and automation tools such as Jenkins, Chef, Terraform, GitHub Actions, etc... • Experienced with using Regular Expressions (REGEX) as well as with automation and development leveraging Python, Terraform, etc. • The ability to monitor, evaluate, and interpret vulnerabilities/CVEs, vulnerability, risk, and security assessments, cloud platform/system/device/IDS/IPS logs, and threat analysis. • Implementing and working with industry standards and guidelines such as SOC1/SOC2/SOC3, and PCI • Managing the information security incident lifecycle, including incident response, mitigation, forensics, after-action reporting, and mapping a path forward. • Information security architecture, mitigation of threats, and compensating controls • Applied cryptography and security protocols • Penetration testing and red teaming • Enterprise risk management programs, including internal audits, consulting engagements, information technology reviews, audit, and compliance efforts. • Excellent oral and written communications skills for working with a diverse professional clientele with varying levels of technical experience. • Ability to interact with internal and external customers, leadership, and co-workers both in person, virtually, and in writing.

Benefits

• Paid Health Benefits ($0 Premiums) • Dental, Vision, Life plans • Open Vacation • 401k (50% match up to 3%) • Paid Equipment • Education Stipend • Paid Holidays & Birthdays Off • Parental Leave • Team Offsites / Events • Ticket hookups!