Hims & Hers is looking for a Senior Corporate Security Engineer to protect our corporate infrastructure through advanced threat detection, incident response, and security operations. You will join our mission to help the world feel great through the power of better health by defending our environment against evolving threats using cutting-edge security technology.
What You'll Do
- Manage and optimize Sumo Logic SIEM for threat detection and investigation
- Implement and maintain Netskope SASE/ZTNA solutions for zero-trust security
- Conduct threat hunting using Recorded Future threat intelligence and YARA rules
- Develop and maintain detection rules and correlation logic in the SIEM
- Orchestrate security operations using the Tines SOAR platform
- Manage CrowdStrike EDR deployment and incident response
- Lead incident response activities as required
- Analyze security events and conduct forensic investigations
- Develop and maintain security runbooks and automation playbooks
- Monitor and respond to security alerts 24/7 through established procedures
- Collaborate with SOC team members on complex investigations
- Implement and maintain security controls for cloud environments (AWS, Azure, GCP)
- Maintain compliance with NIST CSF, NIST 800-53, SOC 2, and PCI DSS
- Produce security metrics and reports for leadership
What We're Looking For
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field
- 5-8 years of experience in security operations, incident response, or a similar role
- Hands-on experience with SIEM platforms (Sumo Logic or similar like Splunk, QRadar)
- Experience with SASE/ZTNA solutions (Netskope or similar like Zscaler, Prisma Access)
- Threat hunting experience including writing and deploying YARA rules
- Experience with EDR platforms (CrowdStrike or similar)
- Understanding of threat intelligence platforms and methodologies
- Incident response and forensics experience
- Basic understanding of cloud platforms (AWS, Azure, GCP)
- Knowledge of security frameworks: NIST CSF, NIST 800-53, SOC 2, PCI DSS
- Strong analytical and problem-solving skills
Nice to Have
- Industry certifications from EC-Council, SANS, ISC2, or OffSec
- Experience with Recorded Future or similar threat intelligence platforms
- SOAR platform experience (Tines, Phantom, Demisto)
- Advanced YARA rule development
- Scripting abilities (Python, PowerShell, Bash)
- Experience with the MITRE ATT&CK framework
- Cloud security certifications
- Experience with security data analytics and visualization
- Knowledge of CISA best practices
- Experience in healthcare or regulated industries
Technical Stack
- Sumo Logic SIEM
- Netskope SASE/ZTNA
- Recorded Future
- YARA
- Tines SOAR
- CrowdStrike EDR
- AWS, Azure, GCP
Team & Environment
You will collaborate closely with SOC team members on investigations and operations.
Benefits & Compensation
- Competitive salary & equity compensation
- Unlimited PTO, company holidays, and quarterly mental health days
- Comprehensive health benefits including medical, dental & vision, and parental leave
- Employee Stock Purchase Program (ESPP)
- 401k benefits with employer matching contribution
- Offsite team retreats
Hims & Hers considers all qualified applicants for employment, including applicants with arrest or conviction records, in accordance with fair chance laws.
