Senior Security Operations Engineer at Toast
We’re not your traditional tech company and we don’t aim to be. Going against the grain is in our DNA. Building a revolutionary product begins with revolutionary thinking. That’s why we value diversity background and lived experience. Together, we empower restaurants of all sizes to build great teams, increase revenue, improve operations, and delight their guests. We pair our deep understanding of the restaurant industry with powerful cloud based software and restaurant-grade hardware to deliver an intuitive all-in-one platform. Join us on our mission to empower the restaurant community to delight guests, do what they love, and thrive.
Are you bready* for a change?
We’re looking for a senior security operations specialist to join our rapidly growing security team. In this role, you’ll help our engineering organization identify, triage, and remediate security issues. You’ll work in tandem with our engineering teams to think about and act on security challenges through all phases of software development, and help us design and build new features to enhance the security of the Toast platform. The Toast security operations team is focused on building capabilities to monitor, detect, and respond across our environment. As a senior member you’ll be a major contributor to helping build the SOC and contribute to our vision. We are focused on an aspect of security that’s in its infancy by operationalizing cloud, application and mobile device security. These are the attack surfaces you would tackle with a welcomed creative approach. The ideal candidate is someone that can under take the “mindset of an attacker” and apply it to defense. You are some who stays abreast with emerging threats, embraces the security community, and seeks to contribute to it. We love security innovators who are always thinking about new and interesting solutions to keep pace with ever changing security landscape.
About this roll*:
- The Security Operations Center (SOC) Security Analyst serves in a SOC team, is responsible for conducting information security investigations as a result of security incidents identified by the Level-1 security analysts who are monitoring the security consoles from various SOC entry channels
- Identify anomalies generated by monitoring solutions within the environment
- Create signatures and tools to analyze and detect malicious activity within AWS and corporate environments
- Leverage EDR solution to respond to suspicious/malicious activity and continuously baseline solution
- Lead incident response efforts within the SOC while collaborating with other technology teams e.g. application security and DevOps
- Lead or contribute to threat hunting efforts
- Leverage programming languages to solve problems and automate solutions to security findings
- Ability to act as a team player
- Threat modeling experience; bonus points if you can apply threat modeling to application security and cloud infrastructure
- Foster a security mindset with our development by working with security champions
Do you have the right ingredients*?
- Interest in tackling security threats and contribution to the SOC build-out
- Strong understanding of Amazon Web Services(AWS) cloud application architecture & best security practices
- Experience with threat modeling and tabletop exercises
- Experience with incident response tabletop exercises
- Understanding and familiarity with penetration testing tools.
- Understanding of Red team/Blue team activities
- Familiarity with Mitre Att&ck Framework
- Familiar with mobile application threats (iOS, Android). Nice to have but not required.
- Familiar with containerization and orchestration technologies (Docker highly preferred)
- Experience leading threat hunting efforts. Bonus points if you can apply this to AWS
- Experience leveraging programming languages to solve problems and automate solutions to free SOC team members cycles (Java & Python ideal)
*Bread puns encouraged but not required