Staff Security Engineer (Blue Team)
Full-time • Remote • NYC, remote • $161,000 - $220,000
security
blue team
engineer
What You'll Do
- Guide and coach Olo’s Blue Team on Information Protection, Incident Detection and Response and Service Delivery.
- Provide strategic and technical oversight to the team and the program.
- Technically lead a team of security engineers and analysts who hunt, detect, and respond to internal and external threats.
- Collaborate with customers and partners to strengthen their security posture.
- Drive ongoing optimizations by implementing new technologies, replacing technologies, addressing evolving threats, scaling practices and automating security activities.
- Ultimately, you will keep team member and customer data safe by identifying and mitigating vulnerabilities and risks and by providing actionable guidance to product teams.
Information Protection
- Lead Olo’s Information Protection program including the selection, testing, implementation and maintenance of security tools and services, security awareness, service provider management and the ongoing testing of those controls.
- Oversee Vulnerability Management program including vulnerability assessments, risk scoring and vulnerability resolution.
- Oversee Threat Hunting program to detect and mitigate advanced threats.
- Manage non-event driven security reviews, including concept reviews, design reviews, patching, firewall rules and system configuration checks.
- Apply Web application and API security principles and techniques, such as zero trust, RBAC, authentication, authorization, auditing, rate limiting, challenges, etc., to protect our cloud-based services from unauthorized access and abuse.
Incident Detection and Response
- Oversee Incident Detection and Response program including ownership of incident response processes, tools and services and the ongoing continuous improvement of those controls.
- Coordinate the detection and response to attacks through all incident phases.
- Ensure incident reports are accurate, detailed and relevant.
- Monitor, detect, and remediate misconfigurations and security risks across our cloud environments.
- Participate in a 24/7 on-call rotation.
Security Services
- Oversee Security Services program including security support requests, risk assessments, vendor assessments, PCI and SOC audit support and service provider management.
What We'll Expect from You
- 5+ years of Security Engineering, Security Operations or Security Architecture experience.
- CISSP, GCIH or similar certification preferred.
- Experience acting as technical lead to distributed teams consisting largely of remote engineers.
- Experience complying with PCI-DSS and other compliance and regulatory standards.
- Experience with attacker tactics, techniques and procedures.
- Knowledge of information technology, evolving threats, attack patterns, incident response and cyber security standards.
- Experience developing and leading incident response, remediation and mitigation activities, and providing status updates and reports.
- Experience analyzing security events to discern events that qualify as a legitimate security incident as opposed to non-incidents (i.e. incident investigation, implementing countermeasures and conducting incident response).
- Deep understanding of operating system, networking and application concepts.
- Experience hardening Windows, macOS, Linux Containers and Kubernetes.
- Familiarity with AWS security best practices and Infrastructure-as-Code.
- Experience deploying and maintaining security technologies (e.g. Access Proxies, API Gateway, Anti-Malware, Application Control, Cloud Security Posture, Data Leak Prevention, Data Mapping, Endpoint Detection & Response, Intrusion Detection System, File Integrity Monitoring, Firewalls, Mobile Device Management, Multi Factor Authentication, SIEM, Static Inspection, Vulnerability Assessment, Web Proxies, WAF and Zero Trust).
- Adept at working with internal Product & Engineering, Legal, People & Culture, Finance and GTM teams and external partners, auditors and customers.
- Ability to work during critical incidents or to support coverage requirements.
- Strong English writing and verbal communication skills.