Senior Security Engineer, SecOps

Remote
Sorry, this job was removed at 6:29 a.m. (EST) on Friday, December 17, 2021

As a member of the Information Security team, you are passionate about security and its operations. You see security as an enabler and differentiator for the business through innovation, not as a checkbox in the compliance process. You work with the business and technology partners to achieve goals and objectives in a secure manner with a heavy forward lean on modern data and technology architectures.

Qualifications:

  • Strong understanding of SSL/TLS
  • Subject Matter Expertise with Intrusion Detection/Prevention technology and writing signatures
  • Subject Matter Competency with Azure Active Directory and Windows & OSX OS security
  • Experience administering the following technologies:
    • Firewalling systems
    • Antivirus/antimalware and patch management software
    • Web content filtering / proxy technologies
    • MDM/EMM solutions such as Jamf, Intune
  • Reactive monitoring - classifying alerts triggered by SIEM and EDR tools
  • Proactive monitoring - threat hunting on client estates to identify incidents missed by automated tools
  • Creating new detection rules
  • Creating new automation response rules
  • Experience in SIEM and EDR tool configuration
  • Incident response - Providing technical support/recommendations during incidents and undertaking forensic investigation of compromised systems post-incident
  • Experience configuring mail security gateways and API-based email security platforms (e.g., Avanan, Abnormal, Barracuda, Google Gmail, Material, Mimecast, Microsoft O365) is a plus.
  • Skill in Microsoft O365 Cloud and On-Prem Exchange Mail Flow, including Policy Rules, Message Trace, Connectors, and Mail Routing, is required. Experience with Exchange End User digest is a plus.
  • Skill in Microsoft Exchange Online Protection (EOP), E3/E5, Data Loss Prevention, Email Encryption, Retention Policies, Audit logs. Experience with Microsoft Defender for Office 365 is a plus.
  • Design, build and deploy automation to scale infrastructure vulnerability discovery efforts
  • Assist IT Team with building out and scaling our asset inventory platform
  • Drive vulnerability remediation
  • Data Loss Prevention Experience
  • Excellent interpersonal and communication skills
  • Excellent presentation skills and experience: A key element of this position involves briefing senior management on actual incidents and translating them into business impacts
  • Self‐directed/self‐motivated

Responsibilities:

  • With knowledge of endpoint detection and response tools, the candidate will respond to and triage alerts on endpoint, network, server, cloud, and application technology
  • Incident response and handling are key skills, as well as a solid emotional quotient when dealing with users
  • Work daily responding to enterprise-wide alerts on our security controls
  • Provide metrics and reports
  • Conduct advanced computer and network forensic investigations relating to various forms of malware, computer intrusion, theft of information, denial of service, data breaches, etc.
  • Assist clients in identifying and remediating gaps as identified throughout the investigation
  • Provide clients guidance and advice regarding cyber incidents, forensics, and incident response
  • Document findings and create well-written reports
  • Identify attacker tools, tactics, and procedures to develop IOCs
  • Support threat hunting efforts across company networks with indicators of compromise, hunting for evidence of a compromise
  • Analyze adversarial IOCs and their respective tactics, techniques, and procedures (TTPs) to provide unique insight into current and emerging threat groups and campaigns, and generate actionable intelligence
  • Exercise strong incident management techniques to coordinate security incident response to information security events or incidents stemming from suspected internal or external threats
  • Acquire/collect computer artifacts (e.g., malware, system/user logs, data artifacts) in support of Cyber Defense engagements
  • Triage system assets and determine evidentiary value
  • Correlate forensic findings to network events in support of developing an intrusion narrative
  • Collect and document system state information (e.g., running processes, network connections)
  • Perform forensic triage of an incident to include determining scope, urgency, and potential impact
  • Track and document forensic analysis from initial participation through resolution
  • Collect, process, preserve, analyze, and present computer-related evidence while maintaining chain of custody requirements

About You:

  • You have a desire to work in a very fast moving, forward leaning, modern environment
  • You have a deep passion for securing platforms and security operations
  • You have a strong desire to continually learn about new technologies
  • You possess strong conceptual thinking and communication skills
  • You are able to work well under minimal supervision
  • You are a demonstrated leader with team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles including business executives, technology leaders, and enterprise suppliers
  • You maintain calmness and clarity of thought under pressure and the ability to maintain confidentiality
  • You have the ability to describe the risks of a security exposure or vulnerability in business-impact terms

About Indigo:

We’re an international agtech startup pioneering an ambitious mission in a budding industry where agriculture meets technology. Through the use of data-driven insights, natural microbiology, and innovative digital technologies, Indigo is partnering across the supply chain, ultimately cultivating a scalable climate solution and enhanced ecosystem that beneficially serves farmers, consumers, and the planet alike.

Our mission is unique, and therefore our teams are too: from multigenerational farming experts, who understand the land as though it were an extension of themselves, to cutting-edge technologists and scientists on the frontier of innovation, our teams are a reflection of the range of the stakeholders we serve: the Earth, the Farmer, and the Consumer. Indigo is extraordinary, and we owe that to the individuals who make up our community and enable success through diversity of thought, experience, background, perspective, race, sexuality, gender, age, and everything else that makes a person uniquely themselves. Connected by a common vision and empowered by diversity, we aren’t ordinary, and neither are you. Embrace your extraordinary and join Indigo in cultivating a healthier planet fueled by unique game changers.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Benefits:

  • Health, dental, and vision insurance for you and your family
  • Generous time off
  • Parental leave
  • A remote-first organization with flexible work hours
  • Catered Lunches
  • Commuter benefits
  • 401(k) plan

Location

On the edge of Charlestown, we are within walking distance to restaurants and bars. The Sullivan Square T and bus stop is also right next door! We are currently working remote/hybrid with the exception of our fantastic Biotrinsic team who work from the office and lab space here.
