Remote Senior Information Security Specialist

Description:

• We are seeking a Senior Information Security Specialist to join one of our client's teams.
• This role will report to the head of Information Security while leading and continuing to build the Security and Incident Response function.
• You will partner with internal stakeholders, vendors, and Infosec management to own projects, solutions, and key responsibilities within the larger business initiatives of a hyper-growth company.
• Participate in security incident response planning and exercises.
• Develop and carry out Security Operations and Incident Management procedures and policies.
• Support the front line responder by identifying, triaging, and remediating security events, anomalies, and incidents.
• Provide incident response support as a key stakeholder.
• Collaborate with the security and engineering teams to proactively improve and secure systems from future attacks.
• Implement detective and protective security controls across the infrastructure and systems to improve security maturity.
• Utilize Sumo Logic logging and monitoring platform to publish security metrics.
• Conduct awareness training of the workforce on information security standards, policies, and best practices.
• Develop, implement, and maintain information security policies, standards, and procedures.

Requirements:

• Candidates must have 2+ years of experience with Security Operations (SOC) and Incident Detection/Response programs.
• Hands-on experience in administering security technologies and tools such as Zerotrust Access solution, WAF, and IAM solutions is required.
• A minimum of 2+ years of cyber risk management or compliance program experience is necessary.
• Exposure to managing Enterprise PaaS solutions (AWS, GCP) and cloud security tooling is essential.
• The ability to manage multiple vendors, contracts, and 3rd party escalations is required.
• The ideal candidate will have experience across a range of cloud security technical disciplines and may have had past jobs such as Detection & Response lead, Threat, & Vulnerability Management (TVM) engineer, or other real-world Blue or Red team responsibilities.
• Direct experience leading security incident teams, including monitoring, detection, response, and threat-hunting functions across Enterprise and Product services is necessary.
• Candidates should have experience leading a roadmap for automation and orchestration to help scale and mature security incident response activities.
• Strong communication skills, both orally and written, with all levels of management and end-users across varying levels of technical backgrounds are required.
• A customer service-oriented person with a problem-solving attitude is preferred.
• A minimum of 5+ years of relevant experience working in Information Security in a cloud-first environment is required, with at least 2 years in a dedicated incident response, threat & vulnerability management, or digital forensics role.
• Experience deploying and operating a security information and event management tool (SIEM) or other security operations (SOC) related technologies for 2+ years is necessary.
• A Bachelor’s degree in Computer Science, Programming, or a related field, or an equivalent combination of education and experience is required.
• Relevant Professional certifications such as CISSP, GCIA, GCIH, OSCP, or similar are highly desirable.
• Experience with the Mitre Att&ck Framework and associated tactics and techniques or other threat modeling exposures is preferred.
• Proficiency in Network and Security technologies is required.
• Experience using log and data analysis platforms such as Splunk, Sumologic, Datadog, Grafana, etc., is necessary.
• Familiarity with Crowdstrike and AWS security tooling in cloud environments or similar products and services is preferred.
• Nice to have: Programming skills, experience with Kubernetes, AWS Certifications, static and/or dynamic code analysis tooling, and experience writing SDLC-related policy.

Benefits:

• RYZ Labs offers a remote position, allowing candidates from Argentina or Uruguay to apply.
• The company provides an environment of opportunities, learning, growth, expansion, and challenging projects.
• Employees will work with autonomy and efficiency, owning every step of their development.
• Team members will deepen their experience while sharing and learning from a team of great professionals and specialists.
• The company values a customer-first mentality, urgency, ownership, humility, respect, frugality, delivering impact, and raising standards.