Senior Infrastructure Security Operator

Job Location

Kitchener - Canada

Monthly Salary

Not Disclosed

Vacancy

1 Vacancy

Job Description

This posting will close on October 13 at 9:00am ET, but we encourage interested candidates to apply as soon as possible. Applications received before the closing date will be prioritized. Please note that the posting may remain open beyond the listed date depending on hiring needs.

The Senior Infrastructure Security Operator is a critical member of D2L's Infrastructure Security team. You will be the operational front line of our cybersecurity program. This role is responsible for on-call security monitoring, incident response, vendor assessments, continuous improvement of security tooling, and cross-functional collaboration to enforce security processes and policies.

Operators are expected to work hands-on in our security platforms, respond rapidly to cybersecurity events, and help maintain a resilient, secure, and audit-ready infrastructure environment.

Security Operations & Incident Response

  • Serve as the initial on-call contact for suspected cybersecurity events.
  • Investigate, contain, and remediate incidents, including virus, malware, ransomware, and account compromise events.
  • Partner with Managed Security Service Providers (MSSP) and internal stakeholders (such as Arctic Wolf, Microsoft Defender for Endpoint, Amazon Web Services (AWS) GuardDuty, and AWS Security Hub) to triage and resolve alerts.
  • Continuously tune detection systems to reduce false positives while maintaining high-fidelity detections.
  • Contribute to the incident response lifecycle, including root cause analysis, lessons learned, and playbook improvements.

Continuous Monitoring & Improvement

  • Perform Dynamic Application Security Testing (DAST) on defined cadences (daily, weekly, and monthly) with tracked remediation.
  • Enhance automation of monitoring and Key Performance Indicator (KPI) reporting, covering Mean Time to Detect (MTTD), Mean Time to Respond (MTTR), vulnerability remediation rates, and compliance audit scores.
  • Monitor and track information security risks and artifacts throughout their lifecycle.
  • Drive configuration compliance and secure-by-default practices across enterprise and product infrastructure.

Vendor & Relationship Management

  • Manage day-to-day relationships with security vendors and service providers.
  • Lead and support vendor risk assessments, Request for Proposal (RFP) reviews, and customer security questionnaires.
  • Review third-party reports (such as System and Organization Controls (SOC) 2, International Organization for Standardization (ISO) 27001, and penetration test reports) and ensure identified gaps are tracked and remediated.

Governance, Policy, and Cross-Functional Collaboration

  • Work with Legal, Compliance, and Information Technology (IT) stakeholders to keep security processes, policies, and procedures current and enforceable.
  • Support internal and external audits and assessments by providing security evidence.
  • Act as a subject matter expert (SME) for security-related questions across the business.

Competencies

  • Strong critical thinking and analysis in high-pressure environments.
  • Ability to engage stakeholders and translate security controls into business context.
  • Strong communicator able to break down complex concepts for different audiences.
  • Self-directed with ability to achieve outcomes with minimal supervision.
  • Agile learner able to synthesize information from diverse sources.
  • Effective team player in matrixed and cross-functional environments.

Skills & Qualifications

  • 5 years in security operations, Security Operations Center (SOC), or incident response roles.
  • Hands-on experience with security tools (Security Information and Event Management (SIEM), Security Orchestration, Automation and Response (SOAR), Endpoint Detection and Response (EDR) or Antivirus (AV), vulnerability scanning, and DAST).
  • Strong knowledge of cloud environments such as Amazon Web Services (AWS) and Microsoft Azure, as well as enterprise IT infrastructure.
  • Experience with vulnerability management, penetration testing, and remediation tracking.
  • Familiarity with information security frameworks and standards such as ISO 27001, National Institute of Standards and Technology (NIST) Special Publication 800-53, and SOC 2.
  • Experience supporting vendor risk assessments and security due diligence.

Preferred

  • Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Global Information Assurance Certification Certified Incident Handler (GCIH), Global Information Assurance Certification Certified Intrusion Analyst (GCIA), or equivalent.
  • Experience with Governance, Risk and Compliance (GRC) tools and audit evidence generation.
  • Knowledge of risk management frameworks and compliance enforcement.
  • Scripting or automation skills to enhance SOC efficiency.

Required Experience:

Senior IC

Employment Type

Full Time
