SpyCloud - Senior Security Engineer

Remote - Austin TX1mo ago

Remote Senior NA Cybersecurity Cloud Computing Security Engineer Bash Python AWS Terraform Git

Upload My Resume

Drop here or click to browse · PDF, DOCX, DOC, RTF, TXT

Apply in One Click

Requirements

• Professional Experience: • At least 5 years of professional experience in a DevOps, Security Engineering, or Detection Engineering role maintaining relevant production infrastructure. • Technical Proficiency: • Strong working knowledge of AWS services such as EC2, ECS or EKS, Lambda, ELBs, Transit Gateway, VPC, CloudWatch, S3, Code/Build/Pipeline/Deploy, etc. • Strong working knowledge of Terraform or similar tools, AWS CLI/SDK, Boto. • Extensive experience with SIEM content engineering, data transformation, and log onboarding. • Proficiency with scripting languages such as Python, Bash, etc. • Proficiency integrating systems via API and their respective authentication mechanisms. • Strong understanding of networking fundamentals and troubleshooting techniques for bare metal and containerized workloads. • Experience with best practice build pipelines, including Git/GitHub. • Experience with EDR tools, such as CrowdStrike Falcon and Sentinel One. • Experience with SOAR playbook building and automation, such as Tracecat and Chronicle SecOps. • Experience with Cribl Stream. • Familiarity with Cloud Security Posture Management, such as Crowdstrike and Wiz.

Responsibilities

• Infrastructure Design and Maintenance: • Design, improve, and maintain secure, durable, and performant infrastructure to power applications, security tooling, log collection, and data mining/ETL workflows. • Evolve log collection, processing, and storage infrastructure enabling security monitoring and investigations. • Support multi-account and multi-region AWS networking architectures with security-first principles. • Detection Engineering and Automation: • Develop and maintain Splunk detection content aligned to the relevant frameworks and evolving threat intelligence. • Administer the Splunk Cloud platform, including search health, log health, and app, platform, and content updates. • Design and implement SOAR playbooks to automate investigation and response workflows. • Integrate infrastructure security tooling and automation to enhance detection, prevention, and response capabilities. • Build and maintain detection-as-code and automated deployment pipelines to ensure consistency, repeatability, and auditability. • Continuously refine detection logic to reduce false positives and increase signal quality. • Security and Compliance: • Implement and operate security technologies across the enterprise, such as an endpoint security platforn. • Support incident response and investigation escalations. • Proactively meet standards for information security and compliance, such as SOC 2/ISO27001. • Implement and uphold security measures across all infrastructure components. • Work cross-functionally with Product, IT, DevOps, and Engineering teams to drive secure-by-default practices. • Technical Leadership • Drive architectural and design decisions for SpyCloud’s detection program and platforms. • Mentor junior engineers and establish best practices across infrastructure and detection engineering domains.

Benefits

• At SpyCloud, we are committed to working alongside individuals who are equally passionate about preventing cybercrime, regardless of their department or role. Guided by our core values in all business decisions, we prioritize unity in our mission and ensure all SpyCloud employees have the support and benefits they need to stay focused on our goals. In addition to our engaging workspace in South Austin, flexible and remote-friendly work options, and competitive salary package, we offer our employees a comprehensive benefits package that includes: • Health, Vision, and Dental Insurance • Generous PTO Plan • In-office meals provided • SpyCloud is not sponsoring visas at this time. • U.S.-Based Benefits + Perks (for Full Time Employees): • 401(k) with Employer Contribution • Health Savings Account (HSA) available with Employer Contribution • Employer Paid Life, Short-term, and Long-term Disability Insurance • Generous PTO Plan and 16 paid holidays per year • U.K.-Based Benefits + Perks (for Full Time Employees): • Retirement Savings Plan with Employer Contribution • Employer Provided Private Health Insurance and Healthcare Cashplan • Employer Paid Life Insurance and Income Replacement • Generous Holiday Plan and 14 paid holidays per year • SpyCloud transforms recaptured darknet data to disrupt cybercrime. Its automated identity threat protection solutions leverage advanced analytics and AI to proactively prevent ransomware and account takeover, detect insider threats, safeguard employee and consumer identities, and accelerate cybercrime investigations. SpyCloud's data from breaches, malware-infected devices, and successful phishes also powers many popular dark web monitoring and identity theft protection offerings. Customers include seven of the Fortune 10, along with hundreds of global enterprises, mid-sized companies, and government agencies worldwide. Headquartered in Austin, TX, SpyCloud is home to more than 200 cybersecurity experts whose mission is to protect businesses and consumers from the stolen identity data criminals are using to target them now.To learn more and see insights on your company’s exposed data, visit spycloud.com. • Our Mission: • Our mission is to make the internet a safer place by disrupting the criminal underground. Together with our customers and partners, we aim to end criminals’ ability to profit from stolen information.