Staff Security Engineer - SecOps & Threat

Описание вакансии

Our Mission:

Our mission is to multiply what matters:  growth, retention, and efficiency.  We envision a future where companies, teams and people reach their full potential.

Our People:

People are the heart and soul of 6sense. We serve with passion and purpose. We live by our Being 6sense values of Win as One Team, Stay Curious, Do The Right Thing, Own the Outcome, and Create Belonging.  Every 6sensor plays a part in defining the future of our industry-leading technology.  6sense is a place where difference-makers roll up their sleeves, take risks, act with integrity, and measure success by the value we create for our customers.  We want 6sense to be the best chapter of your career.

As a member of 6sense’s Security department, the Security Operations and Threat Management team protects 6sense through prevention, detection, investigation, and response to business-impacting security events, incidents, and threats.

Responsibilities & Accountabilities

• Execute on milestones for end-to-end SecOps & Threat initiatives in accordance with the Security roadmap
• Identify and respond to complex security incidents, including system compromise, intrusion attempts, and/or denial of service attacks by conducting continuous monitoring, vulnerability assessments, and log analysis
• Engage vendors, Infrastructure, IT, GRC, Cloud, and Application Security teams as required to validate alerts, ensure incident resolution, and perform root cause analysis
• Research emerging threats, publicly disclosed vulnerabilities or attack vectors, and proactively push mitigating controls to products and services
• Perform security forensics
• Build security tools and advanced automation that enable the 6sense Security Team to operate at speed and scale
• Propose, plan, lead, and execute threat exercises based on current security trends, advisories, publications, and academic research
• Mentor engineers across Information Security to drive security controls and risk remediation
• Communicate risks and mitigations across multiple audiences with varying levels of sensitivity
• Execute on quarterly individual Key Results that support team Objectives (OKRs)

Performance Measurement

• Maintains up-to-date knowledge of 6sense’s product, environment, systems, and architecture
• Actively prepares for weekly 1:1s with Manager and monthly skip levels
• Takes part in the Security Operations on-call rotation
• Mitigates security exposures
• Drives incidents to closure within established SLAs
• Participates in creation of milestones associated with major security projects
• Executes on milestones associated with major security projects
• Develops and maintains up-to-date handbook pages, runbooks, workflows, and dashboards
• Provides project status updates on a weekly basis

Educational and Experience Requirements

• 5+ years of experience being part of a Security Operations or similar team
• 3+ years of experience developing automation
• 2+ years of experience conducting adversary emulation exercises
• Experience with security tools and cloud environments (e.g., Vulnerability Scanners, SIEM, SOAR, AWS)
• Experience with industry frameworks, regulations, and standards, such as: MITRE ATT&CK, STRIDE, PASTA, ISO 27001, SOC 2, GDPR, PCI, SOX, NIST, etc.

Preferred Qualifications

• Bachelor's degree in a related field
• Relevant industry certifications, such as CISSP, CISM, or GIAC, are highly desirable

Competencies and Behaviors

• Works independently to maintain and improve overall company security posture
• Collaborates with cross-functional teams
• Translates technical requirements into actionable and time-bound requests
• Drives projects and tasks to completion by following up on questions, deadlines, and requests for input
• Maintains accuracy of information
• Proactive prioritization and escalation to management
• Strong communication skills, including verbal, written, and presentation skills

Our Benefits: 

Full-time employees can take advantage of health coverage, paid parental leave, generous paid time-off and holidays, quarterly self-care days off, and stock options. We’ll make sure you have the equipment and support you need to work and connect with your teams, at home or in one of our offices. 

We have a growth mindset culture that is represented in all that we do, from onboarding through to numerous learning and development initiatives including access to our LinkedIn Learning platform. Employee well-being is also top of mind for us. We host quarterly wellness education sessions to encourage self care and personal growth. From wellness days to ERG-hosted events, we celebrate and energize all 6sense employees and their backgrounds. 

Equal Opportunity Employer: 

6sense is an Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please direct your inquiries to jobs@6sense.com. 

We are aware of recruiting impersonation attempts that are not affiliated with 6sense in any way. All email communications from 6sense will originate from the @6sense.com domain. We will not initially contact you via text message and will never request payments. If you are uncertain whether you have been contacted by an official 6sense employee, reach out to jobs@6sense.com