CloudLinux is looking for a Lead Security Operations Engineer to drive the development, implementation, and operational excellence of our detection, incident response, and threat intelligence capabilities. This role is central to strengthening our global security posture by enhancing visibility, improving response processes, and leading critical security initiatives for our high-volume, low-cost Linux infrastructure and security products.
What You'll Do
- Incorporate security practices into infrastructure and automation processes.
- Collaborate with development and operations teams to embed security measures into the entire software development lifecycle.
- Create detection rules to catch attackers and pursue unusual strategies to radically improve detection ability and speed.
- Stay current with security standards and regulations.
- Identify security innovation tools and lead implementation solutions from proof of concept to production.
- Manage and implement cloud security controls (identity, access management, organizational policies).
- Evolve tooling, logging, monitoring, and alerting systems to increase observability and transparency.
- Triage, investigate, and escalate security alerts, and provide recommendations for remediation.
- Document procedures and best practices to ensure effective knowledge sharing.
- Configure and operate security scanning tools, collaborating with engineering teams to optimize alert rules.
- Develop a comprehensive understanding of systems, environments, and tools.
What We're Looking For
- Experience in an IT/security-related role (SecOps/Blue Team experience, etc.).
- Experience in triaging security alerts and executing incident response.
- Experience with building, configuring, and managing patch management tools.
- Practical knowledge of tools and tech stack components (EDR, Vulnerability Scanner, SIEM, Cloud).
- Practical knowledge of fundamental security concepts (network/endpoint security, security alert triage, basic application security).
- Experience building and maintaining monitoring and alerting capabilities.
- Deep expertise with Linux-based operating systems.
- Critical thinking and ability to balance security requirements with mission needs.
- Innovative approach.
- Be an IT Security enthusiast with thorough knowledge and expertise in security and software development.
- Thorough understanding of the latest technologies, security principles, and protocols.
- Ability to demonstrate comprehensive, practical knowledge of research and collection skills as well as analytic methods.
- At least C1 and a higher level of English proficiency.
Nice to Have
- Relevant information security certifications: CISSP, OSCP, OSCE, LPT, etc.
- Experience in modern container orchestration projects.
- Experience with cloud vendors - GCP, Azure, AWS.
- Knowledge of/experience with international information security standards and personal data protection standards: ISO 27XXX, PCI DSS, GDPR, etc.
- Knowledge of/experience with information security standards and frameworks: PKI, WS-Security, X.509, SSL/TLS, etc.
- Bachelor's degree in Computer Science, Information Security, or related field.
- Experience in CTF or bug bounty programs.
- Knowledge of application security practices and tools.
Technical Stack
- EDR
- Vulnerability Scanner
- SIEM
- Cloud (GCP, Azure, AWS)
- Linux-based operating systems
Benefits & Compensation
- A focus on professional development.
- Interesting and challenging projects.
- Fully remote work with flexible working hours, work from any location worldwide.
- Paid 24 days of vacation per year.
- 10 days of national holidays.
- Unlimited sick leaves.
- Compensation for private medical insurance.
- Co-working and gym/sports reimbursement.
- Budget for education.
- Opportunity to receive a reward for the most innovative idea that the company can patent.
Work Mode
This is a global, fully remote position. You can work from any location worldwide with flexible hours.
CloudLinux is an equal opportunity employer.
