Zuora is looking for Senior Security Engineer to join our security operations organization to build and manage security of rapidly growing cloud infrastructure. As Senior Security Engineer you will have the opportunity to develop your analytical, strategic, and technical skills needed around cyber security foundation with elasticity and agility of public cloud.
Security Operations and Security Incident Response for SaaS and Enterprise Security Incidents
Audit, Detect and Remediate critical Security exposures
Monitor Security Dashboard for various sources to detect security exploits and exposures
Identify new security threats by conducting continuous monitoring, penetration testing, vulnerability assessments and log analysis
Security Incident Response Automation with CloudFormation, AWS Config, Lambda, Python, Ansible, Jenkins or other DevOps tools
Deep Threat Intel and security analysis using log analyzer: Sumologic, Splunk
Collaborate cross - functionally and engage with all levels of leadership to gather requirements, build appropriate cloud security technology roadmaps and implementation plans.
Provide technical leadership, solution design, and hands on development support for security controls for infrastructure and microservices deployments
Maintain strong awareness of events in the external community to identify threats and opportunities for enhancement.
Evaluate, test, implement and support third party security tools Required Experience and skills
MS or Bachelor in Computer Science or equivalent desired
2 - 5 years of experience with Security Threat Analysis
5+ Years of experience in security operations, system and/ or network security
1 - 3 years experience in AWS/ Public Cloud
Experience in any scripting language like: Python, Perl, Shell etc.
Experience in CI, CD Tools is a plus AWS Certification is plus Security Skills
IT Security Frameworks like CIS, NIST etc.
System and Network Security Processes and Protocols Authentication, Security firewalls & other security protocols.
Vulnerability Management, network penetration testing & remediation techniques Programming and Ops Skills
Knowledge of AWS Services and respective Security controls
Knowledge of AWS API and CLI for various AWS Services
Experience in one or more cloud security monitoring tools: Alert Logic, Threat Stack, Evident.io, Dome9, Cavirin
Experience of at least one cloud log analyzer or SIEM like Sumologic, Splunk, Elk Python, Bash, Perl Scripting experience Basic Linux System and Network Administration Soft Skills Self - starter, Customer Centric Attitude
High Collaboration and Influence Skills
Willingness to mentor other members within internal or external team
Ability to communicate technical concepts and complexity to all audiences