Stop looking for jobs far away from home. We have daily job offers published just for you!

Security Operations Engineer

Veeva Systems

This is a Contract position in Toronto, ON posted September 8, 2017.

Job DescriptionOur Culture & People Our core values are Employee Success, Customer Success, and Speed. We are innovators, collaborators, and thought leaders out to create best-in-class solutions that help our customers improve and extend human life. It’s genuine, straight-forward, and no fuss. Job Summary The Security Operations Engineer is a role embedded within the Global IT Team and provides focus on the operational aspects of security –specifically in terms of enforcing compliance, detection of threats, identification of vulnerabilities, and responding to findings highlighted by penetration testing, where the SecOps Engineer is expected to provide remedial action. In this role, you will work closely with the core IT Operations, Security, and Quality teams to strengthen Veeva’s security policy and process in addition to systems and infrastructure. Location: Pennsylvania or Toronto Responsibilities * Define and execute the process to monitor security events and alerts from various IT security tools * Periodic reviews of existing network security, cloud based access policies, end user security configurations. Make changes, as needed, to the configurations. This may require development of new data feeds and services including the writing of data parsers, installation of data connectors and log collectors, and tuning and aggregation of these sources * Write tools, and use automation and repeatable processes, wherever possible, to cut through the noise and enable everyone to focus their time on the important security events. * Support forensic recovery and support, event management, threat feed assessment, spam investigation, penetration testing, network sensor audits, proactive defense and security event management. * Document security incidents, drawing evidence from event logs, error messages, and user activity to identify future risks from which remedial action can be taken. Communicating ongoing threats and detections through reports * Trend analysis of security incidents and recommendation of corrective action Requirements * 2+ years of experience in an IT Operations role, ideally with some exposure to Security, Incident Response, or Techops * Experience and interest in Log Management, Security Event Correlation, SIEM technology, firewalls, and intrusion detection and prevention systems * Expertise in incident response technologies and signature development and analysis of false positive alerts * Experience assessing and hardening security configurations for operating systems, applications and services * Strong written and verbal communication skills * Able to take ownership and set direction in grey areas * A burning desire to grow in both engineering and security expertise Nice to have * Understanding of scripting languages and technologies such as shell scripting, Perl, JavaScript, VBScript or others. * Exposure to web application assessment tools such as Burp Proxy, Metasploit, Nessus, etc. * Exposure with log analytics and writing security alert queries * Exposure to Web-Application & Network penetration testing * Experience in research and development in the security field is desired * Understanding of the TCP/IP Stack, Web-Application Architecture, Encryption fundamentals & OWASP Top 10 * Able to work independently or with a team * Able to multi-task and deliver consistently on deadlines * Able to give training and communicate vulnerabilities to developers/managers