5+ years of experience in incident response, security investigations, and running incidents as the incident commander.
Experience supporting security operations for SaaS and mobile applications.
Experience using security tools such as EDR, DLP, SIEM, and SOAR.
A strong understanding of cloud platforms and technologies (EKS, Kubernetes).
Hands-on experience with tracking, prioritizing, and driving remediation efforts for vulnerabilities across the company.
Strong analytical and problem-solving skills, with the ability to proactively identify security gaps, propose solutions, and drive security initiatives based on data-driven insight.
Ability to independently lead security initiatives, making data-informed decisions to improve security monitoring, incident response, and risk mitigation.
The willingness to adapt to new security technologies and stay up-to-date with emerging threats and best practices.
Experience collaborating with teams and individuals, explaining security concepts to technical and non-technical stakeholders.
Strong communication and collaboration skills.
Ability to work effectively as part of a geographically distributed team.
Responsibilities:
Monitor security events and incidents to detect potential threats and vulnerabilities.
Respond to security incidents and oversee the incident response process.
Implement and monitor security measures for the protection of LTK infrastructure and assets.
Create incident response policies, standards, and runbooks.
Develop and conduct security incident training, tabletop exercises, and dry runs.
Optimize threat detection and response processes to improve security investigations and remediation efforts.
Articulate risk and impact to product, engineering, and other business leaders with the ability to convey the urgency and need to remediate a threat or vulnerability commensurate with the risk it presents to LTK.
Conduct proactive threat hunting based on threat intel information.
Perform root cause analysis (RCA) and incident reviews.
Design and collect incident response metrics to improve the efficiency and effectiveness of incident response plans.
Maintain strong knowledge of ongoing security threats, remediations, and operational best practices in incident response.
Participate in the Security Incident Handler on-call rotation.
Lead automation and integration efforts to improve the efficiency of security operations in coordination with other involved parties.
Drive remediation efforts within LTK to increase the efficiency of vulnerability management processes.
Articulate risk and impact to product, engineering, and other business leaders with the ability to convey the urgency and need to remediate a vulnerability commensurate with the risk it presents to LTK.
Participate in security audits and assessments to ensure compliance with regulatory requirements and industry standards.
Maintain strong knowledge of ongoing security threats, remediations, and operational best practices in threat and vulnerability management.