Staff Security Engineer - SecOps & Threats

Responsibilities

• Execute on milestones for end-to-end SecOps & Threat initiatives in accordance with the Security roadmap
• Identify and respond to complex security incidents, including system compromise, intrusion attempts, and/or denial of service attacks by conducting continuous monitoring, vulnerability assessments, and log analysis
• Engage vendors, Infrastructure, IT, GRC, Cloud, and Application Security teams as required to validate alerts, ensure incident resolution, and perform root cause analysis
• Research emerging threats, publicly disclosed vulnerabilities or attack vectors, and proactively push mitigating controls to products and services
• Perform security forensics
• Build security tools and advanced automation that enable the 6sense Security Team to operate at speed and scale
• Propose, plan, lead, and execute threat exercises based on current security trends, advisories, publications, and academic research
• Mentor engineers across Information Security to drive security controls and risk remediation
• Communicate risks and mitigations across multiple audiences with varying levels of sensitivity
• Execute on quarterly individual Key Results that support team Objectives (OKRs)

Performance Measurement

• Maintains up-to-date knowledge of 6sense's product, environment, systems, and architecture
• Actively prepares for weekly 1:1s with Manager and monthly skip levels
• Takes part in the Security Operations on-call rotation
• Mitigates security exposures
• Drives incidents to closure within established SLAs
• Participates in creation of milestones associated with major security projects
• Executes on milestones associated with major security projects
• Develops and maintains up-to-date handbook pages, runbooks, workflows, and dashboards
• Provides project status updates on a weekly basis

Educational and Experience Requirements

• 5+ years of experience being part of a Security Operations or similar team
• 3+ years of experience developing automation
• 2+ years of experience conducting adversary emulation exercises
• Experience with security tools and cloud environments (e.g., Vulnerability Scanners, SIEM, SOAR, AWS)
• Experience with industry frameworks, regulations, and standards, such as: MITRE ATT&CK, STRIDE, PASTA, ISO 27001, SOC 2, GDPR, PCI, SOX, NIST, etc.

Preferred Qualifications

• Bachelor's degree in a related field
• Relevant industry certifications, such as CISSP, CISM, or GIAC

Compensation

Base Salary Range: $231,089.25 - $265,930.90. Actual salaries may vary based on work location and experience. Includes bonus, stock options, health insurance, 401K matching, PTO, and self-care days.