Senior DevSecOps Engineer, Kaia Health

• BS or MS in Computer Science or related field 5+ years of cybersecurity experience
• Have previous experience performing threat hunting and incident response duties using SIEM tools, cybersecurity management consoles, and ticketing systems
• Must have previous experience with AWS cloud environment and its security products (Cloudtrail, Cloudwatch, WAF, IAM)Experience with managing DLP/antivirus anti-malware/endpoint response and detection infrastructure and endpoints at the enterprise level, including performing upgrades to the back end application and deploying new agent versions to endpoints
• Understanding the investigative process and performing triage for cybersecurity incidents
• Experience writing and using simple Python, BASH, or Powershell scripts to automate cybersecurity functions
• Experience in deployment, development, and maintenance of SIEM
• Scripting experience to automate security operations, alerting, and compliance checks, CI/CD design, deployment, and management
• Patching and configuration of Linux systems; Configuring delegated access control on Linux systems
• Ability to communicate effectively both verbal and written; excellent interpersonal skills
• Must be detail-oriented and organized with the ability to handle competing demands while meeting deadlines
• Experience in authentication protocols and frameworks to include OAuth, and AWS IAM
• Proactive and motivated; team player with a positive can-do attitude
• You have excellent communication and interpersonal skills
• Fluent written and spoken English

Desirable

• Architects, designs, implements, maintains and operates information system security controls and countermeasures around AWS cloud environment
• Analyzes and recommends security controls and procedures in acquisition, development, and change management lifecycle of information systems, and monitors for compliance
• Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets, and monitors for compliance
• Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends
• Responds to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches. Interacts and coordinates with third-party incident responders, including law enforcement
• Analyzes trends, news and changes in threat and compliance environment with respect to organizational risk; performs risk and compliance self-assessments, and engages and coordinates third-party risk and compliance assessments
• Supports Information Security Officer in Analyzing and developing information security governance with respect to information security and use and operation of information systems
• Develops and administers, or provides advice, evaluation, and oversight for, information security training and awareness programs
• Assisting CISO in information security strategy and roadmap development