Staff Security Engineer (Blue Team)

5+ years of Security Engineering, Security Operations or Security Architecture experience. CISSP, GCIH or similar certification preferred. Experience acting as technical lead to distributed teams consisting largely of remote engineers. Experience complying with PCI-DSS and other compliance and regulatory standards. Experience with attacker tactics, techniques and procedures. Knowledge of information technology, evolving threats, attack patterns, incident response and cyber security standards. Experience developing and leading incident response, remediation and mitigation activities. Experience analyzing security events to discern events that qualify as a legitimate security incident. Deep understanding of operating system, networking and application concepts. Experience hardening Windows, MacOS, Linux Containers and Kubernetes. Familiarity with AWS security best practices and Infrastructure-as-Code. Experience deploying and maintaining security technologies. Adept at working with internal Product & Engineering, Legal, People & Culture, Finance and GTM teams and external partners, auditors and customers. Ability to work during critical incidents or to support coverage requirements. Strong English writing and verbal communication skills

Guide and coach the Blue Team on Information Protection, Incident Detection and Response, and Service Delivery. Provide strategic and technical oversight. Technically lead a team of security engineers and analysts for threat hunting, detection, and response. Collaborate with customers and partners to strengthen their security posture. Drive optimizations by implementing new technologies, addressing threats, scaling practices, and automating security activities. Keep team member and customer data safe by identifying and mitigating vulnerabilities and risks. Lead Olo's Information Protection program. Oversee Vulnerability Management program. Oversee Threat Hunting program. Manage non-event driven security reviews. Apply Web application and API security principles. Oversee Incident Detection and Response program. Coordinate the detection and response to attacks. Ensure incident reports are accurate, detailed, and relevant. Monitor, detect, and remediate misconfigurations and security risks. Participate in a 24/7 on-call rotation. Oversee Security Services program.