Manager, Security Operations
LogRhythm is a world leader in NextGen Security Information and Event Management (SIEM), empowering organizations to successfully reduce risk by rapidly detecting, responding to and neutralizing damaging cyberthreats. Our platform combines user and entity behavior analytics (UEBA), network traffic and behavior analytics (NTBA) and security automation & orchestration (SAO) in a single end-to-end solution. Among other accolades, LogRhythm is positioned as a Leader in Gartner’s SIEM Magic Quadrant. We are based in Boulder, CO with offices in Maidenhead UK, Australia, Singapore, Germany and The Netherlands.
Opportunity
There will be few roles out there which can match the dynamics at play with this position. We have some of the strongest security engineers in the area who are working to advance the innovative features within the solution. In addition to protecting our network, systems, applications, and employees, you’ll have the ability to fuel the product and accelerate your career in cyber security. Our environment naturally steers towards high performers that relish the opportunity to collaborate with industry professionals committed to pushing the limits when it comes to ethical hacking, active defense and anomaly correlation, where the threat landscape can change on a dime.
Responsibilities
- Manage and oversee LogRhythm’s security operations team, inclusive of both red (vulnerability assessment and penetration testing) and blue (monitoring, detection, and response) teams, serving as technical lead and personnel manager.
- Partner with IT, Engineering, Incident Response, and MSSP partners to monitor the security of LogRhythm’s global workforce.
- Develop, maintain, and enforce security operations policies, standards, and processes, seeking continuous improvement and driving efficiency.
- Use industry-leading commercial and open source software to detect, evaluate, triage, prioritize, and respond to security events.
- Perform malware analysis, respond to security incidents, perform forensic investigations, and assist with product security initiatives.
- Support research and development, security module creation, automation, and process improvement. Help advance security systems and develop improved security architecture.
- Manage and execute vulnerability assessments and penetration tests of networks, systems, applications, and LogRhythm products.
- Provide guidance and support to the development of corporate information security policies, standards, and guidelines.
Qualifications
- Security professional with 5-10+ years of hands-on, deep technical experience in the industry. Must have experience as a technical lead or manager in the security industry.
- Experience with security analysis, threat hunting, forensics, flow analysis, endpoint and network security, and log management.
- Deep understanding of attacker tactics, techniques, and procedures.
- Experience performing vulnerability assessments and penetration tests for systems, applications, and networks.
- IDS/IPS management, PCAP carving, file extraction, and long-tail analysis experience.
- Strong understanding of SIEM technology and network forensics.
- Demonstrable experience with one or more of the following:
  - Python, PowerShell, Bash, PHP, HTML, .NET, C#, C++
- Security certifications are nice to have but not required. A few recommended ones:
  - OSCE, OSCP, GMON, GCED, GREM, GCIA, GCIH, GSEC, CISSP, etc.
- General understanding of industry standards, compliance, and legal guidelines:
  - ISO 27001, NIST 800-53, SOC 2, SSAE 16, SOX, HIPAA, etc.
LogRhythm is proud to be an equal opportunity employer. We are committed to equal opportunity regardless of race, color, ancestry, religion, gender, gender identity, genetic information, parental or pregnancy status, national origin, sexual orientation, age, citizenship, marital status, disability, or Veteran status.