San Francisco, CA or Littleton, CO
Joyent is the high-performance cloud infrastructure company built to power real-time web and mobile applications.
Joyent is currently seeking a SOC Engineer who will be responsible for the implementation, configuration, operation, management, testing, tuning, and optimization of systems and resources related to security operational tools within the SOC. Candidates must possess a mature information security attitude, aptitude, and the ability to manage a multitude of virtual resources in a fast-paced cloud environment.
SOC Engineers are expected to ensure tools are properly implemented, updated, tuned, and functioning at peak efficiency. SOC Engineers may be required to conduct analysis on security events that meet specific criteria and work on identified security incidents to resolution as a member of the Security Incident Response Team.
- Perform security operations support including monitoring, remediation, implementation, configuration, planning, staffing, and tracking in compliance with security policies and other security-related statutes, regulations, rules, and standards.
- Recommend and implement best practices for firewall management compliance with internal firewall policies, and perform periodical (weekly/monthly) review of firewall logs to meet compliance requirements.
- Perform network and host-based monitoring and intrusion detection analysis to determine attacks on public and private cloud networks.
- Responsible for initial triage of security events and taking mitigation actions to contain the attack activities and minimize damage when a malicious activity or attack has occurred on Joyent service infrastructure.
- Monitor, investigate, detect, resolve, and remediate attacks, threats, and security breaches as a part of a cross-functional security incident response team.
- Install, monitor, tune, and manage security devices, including SIEM, data encryption, and other security products.
- Work and communicate to stakeholders the status of information security, inform of possible risks, and suggest ways to improve security.
- Contribute to projects with technical knowledge of network and system operating system and network security in physical, virtual, and cloud-based implementations.
- Maintain a keen understanding of evolving security threats and vulnerabilities to ensure the security of cloud infrastructure.
- Collect and utilize 3rd party threat intelligence to enrich security events to improve detection accuracy.
- The ideal candidate should be able to multitask and give equal attention to a variety of functions while under pressure.
- Should cooperate with MSSP to deploy, operate, and maintain security devices worldwide.
- Adept Linux/Unix, Network Security Monitoring skills.
- Experience using a high-level scripting language.
- Hands-on experience in security systems, such as endpoint security, vulnerability assessment, and management, network security technologies such as firewalls and IPS/IPS, wireless network security, SIEM, authentication systems, log management, and encryption.
- Experience with assessments of security controls, identify weaknesses and track remediation activities.
- Experience with packet capture and analyses for network troubleshooting and security.
- Experience with Network and system audit activities, patch audit, and compliance scans.
- Experience with packet capture tools, analyzing raw packets.
- Experience with configuring, operating, troubleshooting, and maintaining security tools including SIEM, IDS/IPS, WAFs, Anti-DDoS, and vulnerability scanners.
- Experience with SIEM, including event log analysis, log management, file integrity monitoring, and real-time event correlation, network device, and server event log monitoring, and Syslog monitoring.
- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences.
- Demonstrable knowledge of cryptographic concepts and techniques, including encryption, hashing, and key management.
- Knowledge of cloud-specific security risks, API security vulnerabilities, and remediation measures.
- Participate in on-call rotation and off-hours work as necessary.
- Open to non-standard shifts to support 24/7 SOC operations.
- Strong attention to detail, organizational skills, problem-solving, troubleshooting, and documentation skills.
- Korean language skill is a plus
- Minimum 2 years prior experience in an information security role
- Bachelor’s degree in information technology or related field, or equivalent experience.
- An advanced degree in a technology-related field is a plus.
- Technical security related certifications are a plus:
- Industry Certifications — e.g. GSEC, Security+
Joyent, a wholly-owned subsidiary of Samsung, is the open cloud company. With its Triton Kubernetes services and support, Joyent helps its customers build and operate modern cloud native applications across multiple clouds. Joyent’s Triton Private Regions provide low cost, dedicated cloud infrastructure that gives its customers the ability to own their data and control their cloud costs.
To apply, please submit a brief introduction, a copy of your resume, and a link to your Github or LinkedIn profile to firstname.lastname@example.org with SOC Engineer in the subject. Qualified applicants with criminal histories will be considered for the position in a manner consistent with the Fair Chance Ordinance.
View All Open Positions at Joyent