Senior SecOps Engineer

Senior SecOps Engineer

Location: San Francisco, CA Duration: 6+ Months Contract/Contract To Hire

What you ll do:

Become an expert in the client s technology stack to understand points of weakness and opportunities for security solutions. Assist in monitoring the client s IT control environment to identify key risks, related controls and gaps, document and report results to management. Assist with third party vulnerability testing process; document and report results to management. Collaborate with internal stakeholders on addressing systemic security issues. Perform monitoring of security tools and oversee remediation of items identified. Proactively identify threats and vulnerabilities, and collect, correlate, and analyze data to detect actual or potential security related incidents, and ensure timely remediation by the applicable party. Identify, implement, and maintain the controls and procedures required to cost effectively and uniformly protect the client s information system assets. Monitor, track, and document information security related incidents to ensure a prompt and efficient resolution. Provide support and evidence collection for internal and external audits and risk assessments. Consults with management to assist with developing corrective action plans for identified audit, risk, Information Security, and IT findings. Research, design, and participate in or lead the implementation of security initiatives. Stay current on the latest information technology and security trends; recommend corrective actions as identified and needed through Information Security initiatives. Assist in developing the client-wide best practices for IT and Information security. What you ll bring:

5+ years of experience with design, testing, development, migration & integration within a medium to large organization. Experience conducting vulnerability scans and validating scan data across workstation, server, network, and peripheral devices. Operational experience with Vulnerability scanning, Incident Response, Endpoint Detection and Response, Monitoring and Logging including hardware refresh, software testing, software upgrades, and complex troubleshooting techniques. Current experience in security threats, solutions, security tools and network technologies along with a keen ability to diagnose and troubleshoot technical issues. Proven knowledge of core AWS products and services (e.g. VPC, EC2, S3, RDS, ELB, ALB, WAF, Lambda), AWS (Iaas & Paas Components). Experience with automation frameworks/tools like Git, Jenkins, Terraform is a MUST. Proficiency is one or more programming languages (Python, Java, Go etc.) Proficiency in both Windows and Linux architectures Hands-on experience with vulnerability scanning tools: for example, tools such as Qualys, Rapid7 -Nexpose, or Tenable Nessus, etc. Hands-on experience with EDR tools: for example, tools such as Tanium, C