CloudLinux is hiring a Lead Security Operations Engineer to drive the development and operational excellence of our detection, incident response, and threat intelligence capabilities. You will be instrumental in strengthening our security posture by enhancing visibility, improving response processes, and leading critical initiatives.
What You'll Do
- Incorporate security practices into infrastructure and automation processes.
- Collaborate with development and operations teams to embed security measures throughout the software development lifecycle.
- Create detection rules to catch attackers and pursue unusual strategies to radically improve detection ability and speed.
- Stay current with security standards and regulations.
- Identify security innovation tools and lead implementation solutions from proof of concept to production.
- Manage and implement cloud security controls for identity, access management, and organizational policies.
- Evolve tooling, logging, monitoring, and alerting systems to increase observability and transparency.
- Triage, investigate, and escalate security alerts, and provide recommendations for remediation.
- Document procedures and best practices to ensure effective knowledge sharing.
- Configure and operate security scanning tools, collaborating with internal and external teams to optimize alert rules.
- Develop a comprehensive understanding of systems, environments, and tools.
What We're Looking For
- Experience in an IT or security-related role, such as SecOps or Blue Team.
- Experience in triaging security alerts and executing incident response.
- Experience with building, configuring, and managing patch management tools.
- Practical knowledge of tools like EDR, Vulnerability Scanner, SIEM, and Cloud technologies.
- Practical knowledge of fundamental security concepts, including network/endpoint security, alert triage, and basic application security.
- Experience building and maintaining monitoring and alerting capabilities.
- Deep expertise with Linux-based operating systems.
- Critical thinking and the ability to balance security requirements with mission needs.
- An innovative approach to problem-solving.
- Be an IT Security enthusiast with thorough knowledge in both security and software development.
- A thorough understanding of the latest technologies, security principles, and protocols.
- Ability to demonstrate comprehensive, practical knowledge of research, collection skills, and analytic methods.
- At least a C1 or higher level of English proficiency.
Nice to Have
- Relevant information security certifications: CISSP, OSCP, OSCE, LPT, etc.
- Experience in modern container orchestration projects.
- Experience with cloud vendors: GCP, Azure, AWS.
- Knowledge of international information security and data protection standards: ISO 27XXX, PCI DSS, GDPR, etc.
- Knowledge of information security standards and frameworks: PKI, WS-Security, X.509, SSL/TLS, etc.
- A Bachelor's degree in Computer Science, Information Security, or a related field.
- Experience in CTF or bug bounty programs.
- Knowledge of application security practices and tools.
Technical Stack
- EDR
- Vulnerability Scanner
- SIEM
- Cloud (GCP, Azure, AWS)
- Linux-based operating systems
- Container orchestration
Benefits & Compensation
- A focus on professional development.
- Interesting and challenging projects.
- Fully remote work with flexible hours, work from any location worldwide.
- Paid 24 days of vacation per year, 10 days of national holidays, and unlimited sick leave.
- Compensation for private medical insurance.
- Co-working and gym/sports reimbursement.
- Budget for education.
- The opportunity to receive a reward for the most innovative idea that the company can patent.
Work Mode
This is a fully remote, global position open to candidates in any location worldwide.
CloudLinux is an equal opportunity employer.
