Tixr
about 1 month ago
As our Security Operations Engineer, you will lead hands-on efforts to protect and defend Tixr’s network boundaries, keep computer, network, and cloud systems hardened against malicious activity, and provide security services that protect our customer sensitive information. You will work with all layers and components of our technology stack and actively monitor our systems for attacks and intrusions. You will use your experience to own, facilitate, and drive the resolution of security incidents, the implementation of security toolsets, the automation and operationalization of these toolsets and address policy questions and resolve security issues of a technical nature.
Additionally, you will work with our software engineers to proactively identify and remediate security flaws and vulnerabilities in our product and platform. You will be focusing on scaling and automating security infrastructure and processes. Help solve user and corporate security concerns, investigate security incidents, perform security gap analysis, and implement novel technologies and architecture.
Using, managing, and securing cloud services and platforms that are SaaS, IaaS, etc...
Experience with security concepts in AWS and with the available security tools, such as Inspector, GuardDuty, Macie, Config, CloudFormation, CloudWatch, CloudTrail, Trusted Advisor, WAF, etc…
Administering and effectively managing monitoring and intrusion detection systems.
Deploying identity and access management services including Single Sign On (SSO) frameworks and mechanisms such as OAuth, SAML, etc...
Log management and security analytics tools, including open source
Skillful in integrating security in CI/CD pipelines for Infrastructure as Code (IaC) (running unit tests, running security tools, managing secrets) using configuration management and automation tools such as Jenkins, Chef, Terraform, GitHub Actions, etc...
Experienced with using Regular Expressions (REGEX) as well as with automation and development leveraging Python, Terraform, etc.
The ability to monitor, evaluate, and interpret vulnerabilities/CVEs, vulnerability, risk, and security assessments, cloud platform/system/device/IDS/IPS logs, and threat analysis.
Implementing and working with industry standards and guidelines such as SOC1/SOC2/SOC3, and PCI
Managing the information security incident lifecycle, including incident response, mitigation, forensics, after-action reporting, and mapping a path forward.
Information security architecture, mitigation of threats, and compensating controls
Applied cryptography and security protocols
Penetration testing and red teaming
Enterprise risk management programs, including internal audits, consulting engagements, information technology reviews, audit, and compliance efforts.
Excellent oral and written communications skills for working with a diverse professional clientele with varying levels of technical experience. Ability to interact with internal and external customers, leadership, and co-workers both in person, virtually, and in writing.
- Salary Range $130,000 - $180,000 + Bonus + Equity
- 100% Remote with Hybrid Optional
- Paid Health Benefits ($0 Premiums)
- Dental, Vision, Life plans
- Open Vacation
- 401k (50% match up to 3%)
- Paid Equipment
- Education Stipend
- Paid Holidays & Birthdays Off
- Parental Leave
- Team Offsites / Events
- Ticket hookups!