Summary
Join Raya, a technology company operating exclusive membership-based social networks, as a Blue Team Lead Security Engineer. Lead and enhance defensive security capabilities, proactively identifying and mitigating threats. Mentor and guide other security team members. The ideal candidate possesses deep security knowledge, advanced technical expertise, and a passion for threat landscape awareness. Raya offers comprehensive benefits including medical/dental coverage, a food delivery budget, equity, unlimited vacation, paid parental leave, and travel stipends. This role requires extensive experience in cybersecurity, strong analytical skills, and excellent communication abilities.
Requirements
- 5+ years of experience in a cybersecurity role, with a focus on blue team operations
- Strong understanding of security principles, frameworks, and best practices (e.g., MITRE ATT&CK, NIST Cybersecurity Framework)
- Extensive experience with security tools and technologies, including SIEM systems, intrusion detection/prevention systems (IDS/IPS), endpoint detection and response (EDR) solutions, vulnerability scanners, and log management tools
- Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for automation and tool development
- Experience with threat intelligence platforms and sources
- Strong analytical, problem-solving, and troubleshooting skills
- Excellent communication and interpersonal skills
- Ability to work independently and as part of a team
Responsibilities
- Lead real-time security monitoring efforts, including analyzing logs and providing incident response coverage and support
- Triage and investigate security alerts, identify root causes, and implement effective containment and remediation strategies
- Develop and maintain incident response plans and procedures
- Design, develop, and implement threat detection rules and alerts to identify malicious activity
- Continuously improve detection capabilities based on emerging threats and vulnerabilities
- Optimize security tools and technologies for efficient and effective threat detection
- Increase signal fidelity and reduce false positives in our Security Information and Event Management (SIEM) system
- Develop and implement strategies to improve the quality and relevance of security data within the SIEM
- Customize and configure the SIEM to meet specific security needs and objectives
- Integrate and operationalize threat intelligence feeds to enhance detection and prevention capabilities
- Analyze threat intelligence reports to identify relevant threats and vulnerabilities
- Develop and implement proactive measures to defend against known and emerging threats
- Create and implement systems and processes to improve event analysis and correlation (e.g., leveraging AI, machine learning, and automation)
- Develop tools and scripts to automate security tasks and improve efficiency
- Evaluate and recommend new security technologies and solutions
- Create, configure, and manage security scanners for vulnerability assessments and penetration testing
- Conduct regular vulnerability scans and analyze results to identify security weaknesses
- Prioritize and track vulnerabilities, and work with relevant teams to ensure timely remediation
- Conduct proactive threat hunting activities to identify and investigate potential security threats that may evade traditional detection methods
- Develop and utilize threat hunting methodologies and techniques
- Analyze network traffic, system logs, and other data sources to uncover malicious activity
- Perform regular vulnerability scanning of systems and applications
- Conduct security assessments to identify potential weaknesses
- Work with development and operations teams to remediate identified vulnerabilities
- Provide technical leadership, guidance, and mentorship to junior security engineers and analysts
- Foster a collaborative and knowledge-sharing environment within the security team
- Contribute to the development of security best practices, policies, and procedures
Preferred Qualifications
- Experience with cloud security (e.g., AWS, Azure, GCP)
- Knowledge of AI/ML concepts and their application to security
- Experience with DevSecOps practices
- Relevant security certifications (e.g., CISSP, GCIH, GCIA, CEH) are highly desirable
Benefits
- Comprehensive medical and dental coverage
- $50 a day food delivery budget
- Equity-based employment
- A great culture
- Learning opportunities
- Unlimited vacation
- 12 weeks paid parental leave
- $1,000 a year to go somewhere in the world that they've never been