Security Operations Engineer II

About The Position

Requirements

• 3+ years of Information Security Experience
• Working experience with the Google Cloud Platform or AWS
• Hands-on experience with automation and scripting such as Terraform and shell/Python scripts
• Experience supporting or participating in penetration testing of web applications, network devices, and cloud configurations
• A self-starter, comfortable working with cloud infrastructure, software development, and information security risk issues
• Foundational knowledge of information technology and/or software development risk management frameworks and compliance practices
• Ability to apply security policies, standards, and guidelines based on best practices and industry frameworks
• Strong interpersonal and communication skills, with the ability to clearly document and convey security findings
• You are passionate about learning and supporting a culture of security awareness and compliance across the organization.

Nice To Haves

• Familiarity with the NIST CyberSecurity Framework and control testing; exposure to audits and some experience with SOC2, HiTrust, or similar audits and certifications is a plus
• Industry security certifications (i.e. CCSP, CCSK, CCSE for cloud security) are a plus

Responsibilities

• Collaborates with the CSO Team to support the development, maintenance, and implementation of security standards.
• Partner with IT to support the secure implementation of access controls and identity management
• Participate in and contribute to initiatives for operating system, Docker images, Kubernetes/GKE and configuration hardening in the public cloud
• Support the execution of vulnerability and patch management programs, including tracking remediation efforts.
• Work with engineering teams to communicate remediation steps required for vulnerabilities identified through scans or penetration tests.
• Support IT, Legal, Finance, Insurance Operations, External Examiners, and business areas during compliance exams.
• Assist with the day-to-day operations of security scanning and web penetration testing tools
• Support the implementation of security monitoring measures to secure the production environment
• Contribute to regular metrics and reporting on the state of the environment
• Identify and surface opportunities to improve security tooling, processes, and best practices.

Benefits

• Competitive salary and equity based on role
• Policies and managers that support work/life balance, like our flexible paid time off and parental leave programs
• 100% paid-premium option for medical, dental, and vision insurance
• Lifestyle stipend to support your physical, emotional, and financial wellbeing
• Flexible work-from-home policy and open to remote
• Remote and WFH options, as well as a beautiful, state-of-the-art office in Dallas’ Deep Ellum, for those who prefer an office setting
• Employee-led diversity, equity, and inclusion initiatives