Senior Security Operations Engineer
Senior Security Operations Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Founded in 2014 League is the leading healthcare consumer experience (CX) platform powered by artificial intelligence (AI) reaching more than 63 million people around the world and delivering the highest level of personalization in the industry. Payers providers and consumer health partners build on Leagues platform to deliver high-engagement healthcare solutions proven to improve health outcomes. League has raised over $285 million in venture capital funding to date powering the digital experiences for some of healthcares most trusted brands including Highmark Health Manulife Medibank and Shoppers Drug Mart.
Position Summary
Leagues Security Engineering teams are responsible for scaling security in the development lifecycle and managing security incident management. We believe in security by design and follow a paved road philosophy by building or buying tools that we can integrate into our platform to ultimately make it easier for our engineers to do the right thing. As a Senior SecOps Engineer you will care deeply about what goes bump in the night. You have peers in Security Engineering who care about build it secure at League your role is to ensure both validation and response occurs when inevitable challenges arise. This role will focus on detection response tuning and refinement. Security Engineers and Analysts on our SecOps team take pride in response.
As always if this is your skillset we encourage you to apply. We also accept and encourage applicants who have existing software engineering experience and want to explore security and applicants who may have done a security program in a post-secondary institution. There are people across the engineering organization who are ready to help grow technical skills and who want to learn more about security.
About the Role
- Security Monitoring and Incident Response:
- Monitors security events and alerts from various sources (SIEM endpoint detection SASE etc.) and analyzes them to identify potential security incidents.
- Leads security incident response efforts including investigation containment eradication and recovery.
- Develops and maintains incident response plans playbooks and procedures.
- Coordinates with cross-functional teams (IT Engineering Legal etc.) during security incidents.
- Perform root cause analysis of security incidents and recommend preventive measures. Independently analyzes complex security incidents identifying root causes and developing solutions and drives them to completion.
- Participate in an on-call rotation.
- Security Tooling and Automation:
- Manage and maintain security tools and technologies such as SIEM EDR and SASE platforms.
- Develop and implement automation scripts and workflows to improve security operations efficiency and effectiveness.
- Demonstrated ability to leverage GCP services (e.g. Cloud Functions Cloud Run) to host and automate security scripts and tools for event enrichment and response.
- Proficiency in utilizing GCP services like Pub/Sub Dataflow BigQuery and Cloud Storage for data processing analysis and enrichment.
- Evaluate and recommend new security tools and technologies to enhance our security posture.
- Manage and maintain infrastructure through Terraform.
- Threat Management:
- Conduct threat research and analysis to identify emerging threats and vulnerabilities.
- Develop and implement threat detection rules and use cases.
- Security Engineering and Architecture:
- Contribute to the design and implementation of security systems architectures and solutions.
- Evaluate and recommend security controls for new and existing systems.
- Ensure security best practices are followed in system development and implementation.
- Collaboration and Communication:
- Collaborate with other teams to ensure security is integrated into all aspects of the organizations operations.
- Communicate security risks and issues to technical and non-technical audiences including leadership.
- Mentors and provides guidance to junior security analysts and engineers to develop their technical growth.
- Compliance and Reporting:
- Ensure compliance with relevant security standards and regulations (e.g. HITRUST NIST GDPR).
- Prepare and present security reports to management.
- Participate in routine audits within the organization
About You
- Bachelor of Science degree (BS) in Computer Science (or a related field)
- 5 years of experience in security operations incident response or a related role.
- Deep and broad technical understanding of security concepts principles and technologies.
- Experience with security monitoring tools (e.g. SIEM EDR) including configuration and administration of these tools.
- Proven leading and coordinating incident response processes and methodologies.
- Proficiency in scripting languages (e.g. Python Go).
- You have some Infrastructure as Code (Terraform Ansible) experience or a strong desire to learn.
- Experience with threat intelligence platforms and implementing these in security operations.
- Strong analytical and problem-solving skills.
- You are a collaborator at your core
- Excellent communication and interpersonal skills.
Nice to Haves
- Security certifications (e.g. OffSec Certifications GIAC Certifications).
- Experience with digital forensics
- Experience with cloud security (AWS Azure GCP).
- Experience with Security OrchestrationAutomation and Response (SOAR).
- Knowledge of networking protocols and security.
- Contributions to the security community at League and more broadly (eg. blog posts conference presentations etc.)
Security-Related Responsibilities
- Compliance with Information Security Policies
- Compliance with Leagues secure coding practice
- Responsibility and accountability for executing Leagues policies and procedures
- Notification of HR Legal Compliance & Security of any incidents breaches or policy violations
CANADA APPLICANTS ONLY: The Canada-specific compensation range below for this full-time position is exclusive of bonus equity and benefits. This range reflects the minimum and maximum target for base salaries for the position across all Canadian locations. The salary range is intentional to account for the performance and career progressions a Leaguer will experience in the role throughout their time at League. Where in the band you may land is determined by job-related skills/experience. Your recruiter can share more about the specific salary range specific to your skills and experience during the hiring process.
Compensation range for Canada applicants only
$130600 - $163200 CAD
We are committed to equal employment opportunity regardless of race color ancestry religion sex national origin sexual orientation age citizenship marital status disability gender identity or Veteran status. If you are an individual in need of assistance at any time during our recruitment process please contact us at .
- You should receive a confirmation email after submitting your application.
- A recruiter (not a computer) reviews all applications at League.
- If we see alignment with Leagues needs a recruiter will reach out to learn more about your goals. The recruiter will also share the team-specific interview process depending on the roles you are exploring.
- The final step is an offer which we hope you will accept!
- Prior to joining us we conduct reference and background checks. Additional checks could be required for US Candidates depending on the role you are exploring.
- Learn about our platform leadership team and partners
- Highmark Health Google Cloud League: new digital front door to seamless care
- Former Providence President and Workday EVP of Corporate Strategy join League Board of Directors
- League raises $95 million USD in Series C to build worlds leading healthcare CX platform
- Forbes x League: The Platformization Of Healthcare Is Here
- Fast Company x League: If we want better innovations in healthtech we need more competition
Recognize and Avoid Employment scams. Practice safe job searching.
Scammers are getting craftier and leveraging fake job postings to get personal information. Know the warning signs and protect yourself from scammers. Learn more here.We are committed to ensuring fairness and transparency throughout our hiring process. League may use Artificial Intelligence (AI) tools to assist in the screening of applicants for this position. Please check out our stance on using AI in recruitment here.
Required Experience:
Senior IC
Employment Type
Full Time
