Senior Information Security Engineer
San Ramon, CA, USA | Leading Technology Company
Industry: Computer Software / Computer Games
Functions: IT / Information Technology
Job Description:
Five9 is a leader in Cloud based Call Center solutions and one of the Bay Area’s fastest growing companies. To complement our rapid growth, we are actively looking for an Information Security Engineer to join our Cloud Operations Group. Our headquarters is located in San Ramon, CA, and we continue to expand globally. We offer a very competitive salary, full benefits package, and stock options. Five9 is a high energy environment with lots of room for personal and professional growth.
We are looking for a candidate who possesses deep expertise in security threat monitoring, detection and incident response, especially in a hosted cloud/web operations environment. The Information Security Engineer will be part of Five9’s information security team, which protects and safeguards our information assets and keeps our computer systems and network devices hardened against attacks and data breaches. The chosen candidate will be capable of adapting to a fast-paced environment and be ready to address shifting priorities as needed. The selected candidate will demonstrate creativity and out-of-the-box thinking to continuously improve the organization’s threat intelligence, security monitoring, detection and response capabilities.
Provide subject matter expertise in security threat analysis, hunting, detection and response across Five9’s Production and Corp IT environments
Perform analysis, correlation of actionable security events and alerts, network traffic analysis using raw packet data, net flow, IDS/IPS, SIEM and/or any custom sensor output as it pertains to security threat intelligence, analytics and visibility
Participate in the Security Incident Response Team (SIRT) activities, helping SIRT to detect, respond, contain, eradicate and recover from security incidents in a timely manner, within the Cloud Operations and Corporate IT environments
Develop and maintain the incident response framework consisting of Incident Response Plans and Procedures in the form of run books, for the most relevant incident types
Ability to investigate and understand threat campaign(s) techniques, lateral movements and indicators of compromise (IOCs).
Interface with external entities including law enforcement organizations, intelligence community organizations and other government agencies as required.
Willingness to be on call and work odd hours when required
5+ years of previous experience working in security operations, hunt teams, threat intelligence or incident response
Public Cloud experience required
Minimum 3 years of experience working with multiple security technologies including IDS/IPS, SIEM, Log Analysis (Windows, Linux, Web Servers, FIM, NextGen Firewalls, NextGen AV, WAFs, etc.), Network and User Behavior Analysis tools, and Network Packet Analyzers and Visibility tools
3+ years of experience leading cyber security incident resolution as an Incident Response Engineer or Analyst in an Enterprise environment
Knowledge of the Incident Response lifecycle, working independently to investigate and effectively respond to cyber security incidents, working with Digital Forensics tools in an Enterprise environment
Advanced Knowledge of the TCP/IP protocol suite, security architecture, securing and hardening Operating Systems, Networks, Databases and Applications
Experience developing and maintaining operations playbooks, run books, and the IR plans
Prior experience employing forensic tools and techniques for attack reconstruction, including forensic analysis and volatile data collection and analysis, will be an added advantage
Thorough understanding of the threat and attack landscape, latest security trends, attack vectors, vulnerabilities, and how they are leveraged by malicious actors
Security certifications like CISSP, GSEC, GCFA, GCIH, CHFI, SEC+, CEH, etc. are highly desired
Excellent verbal and written communication skills and ability to document and explain technical details and incident reports clearly and concisely
Will participate in on call rotation
B.S. degree in Computer Science or related field or equivalent combination of professional development training and experience