Security Operations Lead

closed
Onit

πŸ“Remote - Worldwide

Summary

Join Onit, a global leader in enterprise workflow solutions, as a Security Operations Lead. You will lead the Security Operations team, manage vulnerability testing and security audits, implement cloud-native security tools, and define and execute the incident response plan. This role requires at least 5 years of information security experience, with a focus on cloud security and proficiency in AWS. Strong communication and problem-solving skills are essential. The ideal candidate will have experience leading and mentoring a team and relevant certifications.

Requirements

  • Minimum of 5 years of experience in information security, with at least 2 years focused on cloud security
  • Proficient in AWS with a strong understanding of AWS networking/VPC, IAM, Security Groups, EC2, RDS, S3, and containers (EKS/ECS)
  • Knowledge of various AWS Native Security tools, security frameworks, and CSPM tools
  • Experience in security tools such as vulnerability scanners, IDS/IPS, firewalls, and endpoint security monitoring
  • Experience with threat detection and threat intelligence
  • Experience securing large-scale SaaS-based enterprise applications
  • Familiarity with security frameworks such as NIST and ISO 27001
  • Strong communication, problem-solving, and collaboration skills

Responsibilities

  • Lead the Security Operations team, providing SecOps support during US Central Time business hours
  • Manage and conduct vulnerability testing, penetration testing, and client security audits
  • Implement and manage cloud-native security tools and third-party solutions for threat detection and incident response
  • Define, maintain, and execute the Incident Response plan, investigating and resolving incident escalations
  • Perform regular risk assessments and vulnerability scans of cloud infrastructure, ensuring timely remediation
  • Collaborate with Dev, DevOps, and Infra teams to remediate identified vulnerabilities, discuss security best practices, and assist with security incident response
  • Analyze EDR alerts and logs to identify potential security incidents, taking appropriate action
  • Continuously evaluate and implement security tools and practices to enhance the security posture of the Onit environment
  • Develop and tune detection rules, alerts, and reports within SIEM tools to enhance threat visibility and response
  • Assist with the development and updates of Security Policies for SOC 2 and ISO 27001 compliance

Preferred Qualifications

  • Experience in leading and mentoring a team, fostering a security-first culture
  • Certifications such as CCSP, AWS Security, OSCP, or equivalent are preferred
  • Experience with Cloudflare and/or AWS WAF configurations
  • Experience with AWS GuardDuty and CrowdStrike

This job is filled or no longer available.