SpyCloud is searching for a Principal Security Engineer to join our growing Engineering team.

SpyCloud is a pioneer in breach discovery. We strive to help businesses of all sizes mitigate data breaches by proactively alerting when employee or company assets have been compromised. We accomplish this through our early-warning breach detection service powered by a world-class team of intelligence analysts.

Who You Are

You are an experienced security professional who enjoys taking on challenges. You are looking for an opportunity in a startup where you can grow with the company, both as an individual contributor and a leader. You are energized by the opportunity to take full ownership and mature security operations. You think automation is awesome and you like to understand risk from a technical perspective. You attend and participate in security conferences because you are always learning. You are self-motivated, a great communicator and are able to context switch as needs of the business require.

What you will be working on

• Evangelizing and implementing security measures across the organizationProtecting the house
• Regular code & process reviews with internal and external team members
• Triaging security issues from our Bug Bounty or Vulnerability Management program, and help to manage the remediation process
• Automating reporting on a variety of arbitrary security metrics
• Building and maintaining tools for yourself and others
• Collecting indicators of compromise from public and private feeds for the purpose of threat monitoring and mitigation
• Threat hunting with the tools and systems that you maintain
• Taking the technical point lead on any incidents or investigations
• Overseeing department and individual projects from start to finish
• Assisting legal and compliance teams with audit work

Requirements

• BS or MS in Computer Forensics, Science or Engineering, Information Systems or other relevant security fields, or comparable experience.
• 10+ years of experience securing and managing systems
•  Familiarity with building a SIEM or implementing similar solutions for identifying anomalies in aggregated log data
• Familiarity with security and vulnerability management standards (OWASP, CVE, ATT&CK, CVSS, NIST, DREAD, etc)
• Understanding of access control within cloud environments (IAM, security groups, etc)
• Some Programming experience (Python, Go)
• Familiarity with technologies that we use (Terraform, Docker, Ansible, Serverless Architecture, AWS)
• Understanding of networking and protocols and how to find threats within them
• Knowledge of Linux security controls
• Understanding of threats that impact Linux, Windows, and OS X environments
• Understanding of DevOps methodologies and you have ideas on improving common and uncommon issues within the Software Development Life Cycle