Staff Security Engineer - SecOps & Threat

As a member of 6sense's Security department, the Security Operations and Threat Management team protects 6sense through prevention, detection, investigation, and response to business-impacting security events, incidents, and threats.

Responsibilities & Accountabilities

• Execute on milestones for end-to-end SecOps & Threat initiatives in accordance with the Security roadmap
• Identify and respond to complex security incidents, including system compromise, intrusion attempts, and/or denial of service attacks by conducting continuous monitoring, vulnerability assessments, and log analysis
• Engage vendors, Infrastructure, IT, GRC, Cloud, and Application Security teams as required to validate alerts, ensure incident resolution, and perform root cause analysis
• Research emerging threats, publicly disclosed vulnerabilities or attack vectors, and proactively push mitigating controls to products and services
• Perform security forensics
• Build security tools and advanced automation that enable the 6sense Security Team to operate at speed and scale
• Propose, plan, lead, and execute threat exercises based on current security trends, advisories, publications, and academic research
• Mentor engineers across Information Security to drive security controls and risk remediation
• Communicate risks and mitigations across multiple audiences with varying levels of sensitivity
• Execute on quarterly individual Key Results that support team Objectives (OKRs)

Performance Measurement

• Maintains up-to-date knowledge of 6sense's product, environment, systems, and architecture
• Actively prepares for weekly 1:1s with Manager and monthly skip levels
• Takes part in the Security Operations on-call rotation
• Mitigates security exposures
• Drives incidents to closure within established SLAs
• Participates in creation of milestones associated with major security projects
• Executes on milestones associated with major security projects
• Develops and maintains up-to-date handbook pages, runbooks, workflows, and dashboards
• Provides project status updates on a weekly basis

Educational and Experience Requirements

• 5+ years of experience being part of a Security Operations or similar team
• 3+ years of experience developing automation
• 2+ years of experience conducting adversary emulation exercises
• Experience with security tools and cloud environments (e.g., Vulnerability Scanners, SIEM, SOAR, AWS)
• Experience with industry frameworks, regulations, and standards, such as: MITRE ATT&CK, STRIDE, PASTA, ISO 27001, SOC 2, GDPR, PCI, SOX, NIST, etc.

Preferred Qualifications

• Bachelor's degree in a related field
• Relevant industry certifications, such as CISSP, CISM, or GIAC, are highly desirable

Competencies and Behaviors

• Works independently to maintain and improve overall company security posture
• Collaborates with cross-functional teams
• Translates technical requirements into actionable and time-bound requests
• Drives projects and tasks to completion by following up on questions, deadlines, and requests for input
• Maintains accuracy of information
• Proactive prioritization and escalation to management
• Strong communication skills, including verbal, written, and presentation skills