Principal Security Operations Engineer- DIS
Belmont (TANGNEY) Bachelor's Degree Design / Civil engineering / Industrial engineering
Job description
Job facts
The Principal Security Operations Engineer will be part of a talented team of DevSecOps Engineers responsible for the secure operations of the Navify platform and products. Activities will include designing implementing best of breed tools used to monitor and alert on perimeter, host and other security incidents. The Principle SecOps Engineer will help build automation tools generally working smarter not harder to make sure that we are proactively protecting the platform against threats. Once these tools are built the Principle Security Ops Engineer will drive process and be part of a the security operations team.
Responsabilites:
·
Work with our Security architects and Engineers to design and implement best of breed tools, systems and processes.
·
Design and select best of breed tools / systems to include in the sec ops ecosystem
·
Own the SecOps roadmap
·
Identify malicious or anomalous activity based on event data from firewalls, WAF, IPS, and other sources.
·
Perform analysis of log files and data outputs. Perform triage of incoming issues using ticket tracking system.
·
Provide tuning recommendations of security tools based on traffic patterns.
·
Produce and review daily and weekly metrics for security events.
·
Create wiki articles to document incident handling and investigation procedures.
·
Stay up-to-date with trends in the information security community including new vulnerabilities, methodologies, and products.
·
Full regular on-call responsibilities.
Background and skills:
·
Leadership and sec ops vision required
·
Knowledge of attack vectors (malware, web application, social engineering, etc)
·
Extensive experience with AWS services, security concepts and networking mandatory
·
At least 3 years experience designing and implementing best of breed security tools / systems in at least one area of focus (perimeter, host, app sec, incident response, vulnerability detection, compliance reporting).
·
Experience working as part of a Computer Security Incident Response Team (CSIRT) or Product Security Incident Response Team (PSIRT) highly desired.
·
Understanding of perimeter protection tools: AWS native components/tools, NIDS, Web Application and Network Firewalls
·
Understanding of cloud provisioning tools CloudFormation and Terraform
·
Thorough understanding of DevSecOps ideologies and ability to drive and communicate change supporting DevSecOps methodology within the organization
·
Ability to communicate effectively with varying audiences at multiple levels of sensitivity
·
Identify and recommend solutions that improve or expand Roche's incident response capabilities
·
Understanding of security vulnerabilities, attacker exploit techniques, and methods for remediation of such
·
Propensity to solve problems at their root, stepping back to understand the broader context
·
You keep your knowledge and skills current to keep up with the rapidly changing threat landscape
·
Thorough understanding of best practices in security engineering: secure development, cryptography, network security, security operations, systems security, policy, and incident response.
·
Experience in health informatics domain desired
·
BS degree or equivalent in a directly related discipline (CS, Eng, etc.)
·
Desirable developing languages with proven proficiency in at least one: Python, Ruby, Javascript
·
Proven and current scripting and automation experience required
·
10+ years experience
· Who we are
At Roche, 94,000 people across 100 countries are pushing back the frontiers of healthcare. Working together, we've become one of the world's leading research-focused healthcare groups. Our success is built on innovation, curiosity and diversity.
Roche is an equal opportunity employer and strictly prohibits unlawful discrimination based upon an individual's race, color, religion, gender, sexual orientation, gender identity/expression, national origin/ancestry, age, mental/physical disability, medical condition, marital status, veteran status, or any other characteristic protected by law.