At SimpliSafe we design, develop, manufacture, and sell our own line of wireless, connected home security systems: home sensors, cameras, and locks. Our technology and service platform secures the homes of millions of Americans without the hassles, long-term contracts, or fees of traditional home security. Protecting our customers and their families is a tremendous responsibility, so we are doubling our Information Security team to help build, develop, and drive our security program. With each release, we have new and complex problems to unravel.
As a Security Operations Engineer, you will partner primarily with our Operations teams (DevOps, Network, and IT) as well as Managed Security Services providers to design, implement, and configure real-time security controls to protect systems and assets. Building on our strong security-conscious culture, you will frequently face captivating security challenges, including vulnerability reports, and be trusted to develop our Security Operations Center. This will require you to balance the needs of the business with strong security controls such as Zero Trust, SIEM, IAM, and EDR/EPP.
If you care about securing a rapidly growing business with ambitious goals, you should fit right in. Are you excited to collaborate, negotiate, and build consensus across a wider organization? Can you identify exposed systems and access controls, find and prioritize threats, and coach members of the Engineering organization on how to detect and respond to advanced adversaries' Tactics, Techniques, and Procedures (TTPs) with the right automation?
Strong candidates will demonstrate experience in security operations and incident response, but will have a preference toward building defensive controls with automation ingenuity (on existing and new layers of protection). They will be comfortable with at least one scripting language and have proficiency in cloud infrastructure management on platforms such as AWS or Google Cloud.
Responsibilities:
- Identify and deploy appropriate defense in depth controls (IPS/IDS/EDR/DLP/CSPM)
- Harden the WAF in front of public-facing web applications and assist in mitigating other DDoS, brute-force, or credential-stuffing vectors
- Drive incident resolution and containment techniques with automation (SOAR)
- Be accountable for the operational management and administration of the enterprise SIEM
- Drive network, host-level, and application-level alert detection strategies for deployed assets and workloads
- Blend with and understand our agile-based software development methodologies
- Collect metrics from tooling and use them to steer security strategy
- Teach and share knowledge of the NIST and/or SANS top security controls
- Oversee IT asset security for Mac/Windows/Linux endpoints
About You:
- You love building relationships with teammates across multiple functional business units, and you see this as key to a pragmatic mindset and vigilance about the impact on business operations
- Have a curious investigative mind, a deep interest in information security, and the ability to communicate complex ideas to varied audiences plainly and concisely
- Solid understanding of information security, computer systems and cloud concepts, encryption protocols, and networking protocols
- No shortage of incident response war stories to share; even better if they include executive-level engagement
- Willingly navigate ambiguity with humility, understanding, and a growth mindset
- You have several years of experience with at least one programming language and a terminal emulator
- CEH, CompTIA Security+, or a background in PCI and/or GDPR compliance is a plus
- Security monitoring experience with one or more SIEM technologies, e.g. ELK, IBM QRadar, LogRhythm, Splunk
- Proficient with AWS security best practices and log collection
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.