Olo is a leading open SaaS platform for restaurants that enables hospitality at every touchpoint.
Staff Security Engineer, Blue Team
Location: New York
Posted: 176 days ago
Salary: 0
Seniority: Lead
Job Description
- Guide and coach Olo’s Blue Team on Information Protection, Incident Detection and Response, and Service Delivery.
- You will provide strategic and technical oversight to the team and the program.
- Technically lead a team of security engineers and analysts who hunt, detect, and respond to internal and external threats.
- Collaborate with customers and partners to strengthen their security posture.
- Drive ongoing optimizations by implementing new technologies, replacing technologies, addressing evolving threats, scaling practices and automating security activities.
- Ultimately, you will keep team members' and customers' data safe by identifying and mitigating vulnerabilities and risks and by providing actionable guidance to product teams.
Job Requirements
- 5+ years of Security Engineering, Security Operations or Security Architecture experience.
- CISSP, GCIH or similar certification preferred.
- Experience acting as technical lead to distributed teams consisting largely of remote engineers.
- Experience complying with PCI-DSS and other compliance and regulatory standards.
- Experience with attacker tactics, techniques and procedures.
- Knowledge of information technology, evolving threats, attack patterns, incident response and cyber security standards.
- Experience developing and leading incident response, remediation and mitigation activities, and providing status updates and reports.
- Experience analyzing security events to discern events that qualify as a legitimate security incident as opposed to non-incidents (i.e., incident investigation, implementing countermeasures, and conducting incident response).
- Deep understanding of operating system, networking and application concepts.
- Experience hardening Windows, macOS, Linux Containers and Kubernetes.
- Familiarity with AWS security best practices and Infrastructure-as-Code.
- Experience deploying and maintaining security technologies (e.g., Access Proxies, API Gateway, Anti-Malware, Application Control, Cloud Security Posture, Data Leak Prevention, Data Mapping, Endpoint Detection & Response, Intrusion Detection System, File Integrity Monitoring, Firewalls, Mobile Device Management, Multi Factor Authentication, SIEM, Static Inspection, Vulnerability Assessment, Web Proxies, WAF and Zero Trust).
- Adept at working with internal Product & Engineering, Legal, People & Culture, Finance and GTM teams and external partners, auditors and customers.
- Ability to work during critical incidents or to support coverage requirements.
- Strong English writing and verbal communication skills
Benefits
- Health insurance
- Remote work options




