Role Overview
The Senior Cloud Cybersecurity (CCS) Detection and Response Engineer will collaborate with Detection, Security, and Software Engineers to proactively defend Tanium Cloud's services. You will be an integral part of the Tanium Cloud security engineering processes, responsible for the design, implementation, and operation of preventative, detective, and responsive controls to identify, assess, and counter risks and threats before they impact Tanium Cloud.
What You Will Do
Build and operate Tanium Cloud's detection and response engineering in Azure, AWS, and Kubernetes, delivering detections, analysis, and responses as automation-as-code using DevOps methodologies. Continuously evaluate and enhance the design and effectiveness of Cloud and Kubernetes security measures and establish an ongoing program to advance security and close gaps in our defensive posture.
Why It Might Be a Fit
We're looking for someone with 5-7 years of experience in cloud security event prevention, detection, and response for public cloud systems (e.g. AWS, Azure) within a DevOps environment. You have experience in detection and response engineering methodologies, such as building detection cases and proactively identifying known and unknown cyber threats and adversary behaviors.
Requirements
- Bachelor's degree or equivalent experience
- Cloud Security, IT Security, or related technical field preferred
- 5-7 years of experience in cloud security event prevention, detection, and response for public cloud systems (e.g. AWS, Azure) within a DevOps environment
- 3+ years of hands-on experience in Kubernetes environments, logging, and runtime security for sensitive container workloads, preferably on AKS and EKS
- Experience in detection and response engineering methodologies, such as building detection cases and proactively identifying known and unknown cyber threats and adversary behaviors
- Experience in using security query or analytic tools for security data analysis, such as SQL, KQL, or SPL
- Solid understanding of modern attacker tactics, techniques, and procedures (TTPs) against Kubernetes, Container, Serverless, Linux host, and Cloud services (e.g. MITRE ATT&CK, building threat intelligence, etc.)
- Experience with security events and incident management in highly regulated hosting environments (such as ISO 27001, NIST SP 800-161r3, FedRAMP, Protected B)
- Experience using high-level programming languages (Go, Python) to produce detection-as-code, tools, and automations
- Experience managing cloud infrastructure as infrastructure-as-code (e.g. Terraform, CloudFormation, ARM, Pulumi)
- Deliver high-quality PRs daily using modern software engineering development and automation tools like Git and CI/CD pipelines (i.e. Jenkins, GitHub Actions)
Benefits
- Annual base salary range $120,000 to $355,000
- Equity awards
- Medical, dental and vision plan
- Family planning benefits
- Health savings account
- Flexible spending account
- Transportation savings account
- 401(k) retirement savings plan with company match
- Life, accident and disability coverage
- Business travel accident insurance
- Employee assistance programs
- Disability insurance
- Other well-being benefits