Olo - Staff Security Engineer (Blue Team)
Requirements
• All applicants receive consideration for employment. We do not discriminate on the basis of race, religion, colour, national origin, gender identity, sexual orientation, pregnancy, age, marital status, veteran status, or disability status.
• California Residents: CCPA notice
Responsibilities
• Guide and coach Olo’s Blue Team on Information Protection, Incident Detection and Response and Service Delivery.
• You will provide strategic and technical oversight to the team and the program.
• Technically lead a team of security engineers and analysts who hunt, detect, and respond to internal and external threats.
• Collaborate with customers and partners to strengthen their security posture.
• Drive ongoing optimizations by implementing new technologies, replacing technologies, addressing evolving threats, scaling practices and automating security activities.
• Ultimately, you will keep team members' and customers' data safe by identifying and mitigating vulnerabilities and risks and providing actionable guidance to product teams.
Information Protection
• Lead Olo’s Information Protection program including the selection, testing, implementation and maintenance of security tools and services, security awareness, service provider management and the ongoing testing of those controls.
• Oversee Vulnerability Management program including vulnerability assessments, risk scoring and vulnerability resolution.
• Oversee Threat Hunting program to detect and mitigate advanced threats.
• Manage non-event driven security reviews, including concept reviews, design reviews, patching, firewall rules and system configuration checks.
Incident Detection and Response
• Oversee Incident Detection and Response program including ownership of incident response processes, tools and services and the ongoing continuous improvement of those controls.
• Coordinate the detection and response to attacks through all incident phases.
• Ensure incident reports are accurate, detailed and relevant.
• Monitor, detect, and remediate misconfigurations and security risks across our cloud environments.
• Participate in a 24/7 on-call rotation.
Security Services
• Oversee Security Services program including security support requests, risk assessments, vendor assessments, PCI and SOC audit support and service provider management.
What We'll Expect from You
• 5+ years of Security Engineering, Security Operations or Security Architecture experience.
• CISSP, GCIH or similar certification preferred.
• Experience acting as technical lead to distributed teams consisting largely of remote engineers.
• Experience complying with PCI-DSS and other compliance and regulatory standards.
• Experience with attacker tactics, techniques and procedures.
• Knowledge of information technology, evolving threats, attack patterns, incident response and cyber security standards.
• Experience developing and leading incident response, remediation and mitigation activities, and providing status updates and reports.
• Experience analyzing security events to discern events that qualify as a legitimate security incident as opposed to non-incidents (i.e. incident investigation, implementing countermeasures, and conducting incident response).
• Deep understanding of operating system, networking and application concepts.
• Experience hardening Windows, macOS, Linux Containers and Kubernetes.
• Familiarity with AWS security best practices and Infrastructure-as-Code.
• Experience deploying and maintaining security technologies (e.g. Access Proxies, API Gateway, Anti-Malware, Application Control, Cloud Security Posture, Data Leak Prevention, Data Mapping, Endpoint Detection & Response, Intrusion Detection System, File Integrity Monitoring, Firewalls, Mobile Device Management, Multi Factor Authentication, SIEM, Static Inspection, Vulnerability Assessment, Web Proxies, WAF and Zero Trust).
• Adept at working with internal Product & Engineering, Legal, People & Culture, Finance and GTM teams and external partners, auditors and customers.
• Ability to work during critical incidents or to support coverage requirements.
• Strong English writing and verbal communication skills
Benefits
• Salary: The position is listed as "Full-Time / Remote." The exact salary amount is not provided in this excerpt; for compensation details such as base pay or range, refer to the job posting itself.