MassTLC

Role overview

Our Principal SecOps Engineer will report into our Senior Manager Information Security and be responsible for securing the organization’s infrastructure. You will closely collaborate with infrastructure engineers to continuously improve and develop our digital security posture. This includes architecting, implementing and fine tuning security solutions to mitigate risks and threats to our systems. The engineer will be embedded in the Infrastructure team and empowered to make security architectural decisions.

Our SecOps Engineer will be building and developing our Intrusion Detection System (IDS), security logging, monitoring and acting as the main point of contact for the security incident response team (SIRT). Monitoring, triaging and remediating security events while simultaneously improving threat detection logic is imperative to helping reduce risk exposure to our business.

What you'll do

• Design, architect, and implement defensive security controls across cloud environments (AWS, Azure, GCP) in accordance with CIS Controls and NIST frameworks
• Work with infrastructure-as-code technologies to establish automated security configurations to support platform hardening, security controls and policies in the infrastructure deployment pipeline
• Manage Intrusion Detection System (IDS) and make necessary changes for accurate threat detection and remediation of identified issues
• Scan, triage and remediate security vulnerabilities while continuing to mature the vulnerability management program
• Build out our Security Information and Event Management (SIEM) solution, incident response, and forensic capabilities
• Act as the Incident Commander of the Security Incident Response Team (SIRT)
• Play an active role in defining asset inventory security tagging and data classification
• Work with the infrastructure engineering and product teams to conduct and complete security architecture reviews and designs for the infrastructure requirements
• Evaluate new security technologies as landscapes evolve and change
• Help evangelize security best practices across the company

What you'll bring

Technical Qualifications:

• Bachelor’s Degree or equivalent combination of education and experience in Information Security, Computer Science, Management Information Systems or related curriculum
• 5-7 years of experience securing cloud agnostic infrastructure (AWS, Azure, GCP) and datastores (MySQL, MongoDB, RDS) including use of automation and container deployment (Docker, Kubernetes, Terraform, Chef, Puppet)
• Extensive experience managing an IDS, SIEM and vulnerability management solutions in a hybrid environment
• Solid understanding of RBAC models and SSO solutions (SAML 2, OAuth 2, OIDC)
• Proficient in system hardening and patch management strategies
• Authored and maintained infrastructure security policies, standards, and procedures
• History of working on a Security Incident Response Team (SIRT) investigating events, triaging potential incidents, containing environments, conducting forensics analysis
• Familiarity with security frameworks and risk-based security programs

Non-technical Qualifications:

• Proactively tie technical security risks and to tactical organizational activities and goals
• Clearly articulate issues and communicate in an effective and personable manner
• Adjust quickly to the security needs of a highly agile organization
• Manage all aspects of large-scale projects to bring about organizational change
• Build relationships across multiple business units to inform and educate security best practices