Information Security Specialist

What You Will Do Daily:

• Security Intake Management: Monitor the security queues and dashboards to categorize incoming security requests by severity, and escalate high-priority threats to senior staff.
• Remediation Follow-up: Reach out to Engineering, Business and Technology teams to manage security findings and update/verify as needed.
• Security Monitoring: Support monitoring and assignment of actions for security tooling.
• User Access Reviews: Conduct "least privilege" reviews by comparing current user permissions against HR records to ensure access remains aligned with the employee's role.
• Security Documentation: Draft or update simple "Standard Operating Procedures" (SOPs) for common security tasks to ensure the team’s knowledge base remains current as the tech stack evolves.
• Process Automation: Learn and leverage AI tools to automate repetitive tasks, streamline reporting, and produce security metrics.
• Campaign Management: Launch and manage campaigns to employees such as specialized training, phishing, standards updates, etc.

The Experience You Will Need:

• Customer Obsession: While security is what we do, our customers and internal users are key to our success.  We strive for solutions that enable speed without sacrificing security.
• Infrastructure Fundamentals: A clear understanding of basic security principles and how security fits into organizations
• Incident Triage: Ability to differentiate between true security threats and common "noise" (false positives) within a monitoring queue.
• Vulnerability Lifecycle Management: Basic knowledge of how a vulnerability moves from discovery (e.g., a pentest finding) to remediation and final verification.
• Logical Troubleshooting: A systematic approach to investigating "how" and "why" events occur.
• Technical Communication: The ability to explain security requirements to non-security peers in a professional and collaborative manner.
• Foundational Networking: Familiarity with the OSI Model, TCP/IP, and how data flows through firewalls and proxies in a hybrid work environment.
• Administrative Diligence: Strong organizational skills for tracking multiple long-term remediation projects without letting smaller alerts slip through the cracks.

Why You Will Love It Here:

• Our culture and mission set us apart. We have a dynamic work culture that values respect and kindness and embraces the right to fail (and get right back up again!). 
• Great people make a great company. We value people skills as much as technical skills and strive to keep things friendly while still being passionate leaders in our domains. 
• We have a flexible work policy that includes 3 days in-office and 2 days work-from-home each week for those located near our office locations; some locations such as Dubai, India, Japan and Australia operate fully remotely.
• We have a growth mindset. We love learning and believe continuous education is critical to our success. In an ever-changing industry, new skills are necessary, and we're happy to help our team acquire them.
• As the leader in our field, our products and services are as strong as our internal team members.
• We embrace transparency with regular meetings, cascading messages and updates on the growth and success of our organization.

Benefits of Working with Sonar:

• Flexible comprehensive employee benefit package.
• We encourage usage of our robust time-off allocations. You will receive  23 days of PTO per calendar year (on a pro-rated basis depending on your employment start date), with additional time provided for sickness, life events and holidays
• .We offer an exciting 401(k) plan that has a 4% match, fully vested on day one of participation.
• Fully paid parking in the heart of downtown Austin, Texas.
• Global workforce with employees in 20+ countries representing 35+ unique nationalities.
• We have an annual kick-off somewhere in the world where we meet to build relationships and goals for the company.
• Monthly catered events, and team events