Senior Security Operations Engineer
We are seeking a Senior Security Engineer to join our Security team. The Arcus SecOps engineering team implements, enhances, and manages various tools and technologies used to identify and protect corporate assets, detect security events, and enable security incident responses. As an Arcus Senior SecOps Engineer, you will architect, implement, monitor, analyze and remediate in several security technology categories including IAM, SIEM, SOAR, SWG, WAF, EDR/XDR, CASB, UEBA, DLP and vulnerability management. Although experience with the specific vendor tools would be helpful, we are more interested in your in-depth expertise in several of these categories, regardless of the specific vendor.
The Arcus Biosciences IT organization is in the business of trust and reliability. We create, maintain, and operate scalable technology and data solutions that deliver an exceptional experience for our rapidly growing global operations. We embrace Agile principles and values, favor DevSecOps practices, and view infrastructure as code, all while we create an infrastructure that scales and supports our growth and ambitious vision. This requires a smart, highly collaborative team who can identify, investigate, and implement new technologies to continue securely scaling our operations.
This position is an Individual Contributor role, reporting to the Director, IT Quality, Security, and Compliance and Head of IT.
We are in the San Francisco Bay Area, the heart of the world’s premier biotechnology research hub. Arcus offers a competitive compensation and benefits package, including participation in the aggressive growth of the company in the form of stock option grants.
Arcus is at the forefront of designing precision combinations in the pursuit of cures for patients living with cancer. Come join our team!
Duties and Job Functions:
- Oversee planning, design, implementation, testing, and operation of cyber security processes and systems
- Provide guidance on security architecture for threat detection and response systems used as a part of the overall security operations
- Provide direction on business process and security architecture design as it relates to security analyst tools for security incident management
- Administer security configuration for threat management platforms for a wide array of environments including security orchestration, automation, and response (SOAR) and security information and event management (SIEM) tools
- Perform forensic analysis of digital information, and gather and handle evidence
- Build automation for identification, response, and remediation of malicious activity
- Ensure that security requirements and considerations are woven into the development of each system
- Partner with the ITOps & DevOps teams to develop strategies to monitor active or emerging threats and vulnerabilities
- Drive continuous process feedback improvement
- A minimum of five years of experience in Information Security or in a technology related field
- Bachelor's degree from an accredited college/university or equivalent experience; CSSP, CISSP, CEH, CPT, CISM, CISA, CIPP, GIAC, GSEC, and/or GCFW certifications are preferred
- Deep knowledge of all aspects of infrastructure and cloud security
- Expert or proven in-depth knowledge in AWS (Azure a plus)
- Experience with “threat hunting”, i.e. using threat intel to proactively and iteratively investigate potential risks and find suspicious behavior in the network
- Experience in host and memory forensics (including live response) for Windows and Linux
- Significant experience in a Security Operations Center (SOC), Security Monitoring, Incident Response methodology, Log Management (LM), Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), firewall, intrusion prevention systems, Endpoint/Extended Detection & Response (EDR/XDR), and Data Loss Prevention (DLP)
- Extensive hands-on experience with the Palo Alto Networks security portfolio including Next-Gen Firewalls, Panorama, Prisma Access, Prisma SD-WAN, etc.
- Extensive hands-on experience with AWS including Identity and Access Management (IAM), KMS, WAF
- Experience with infrastructure as code (Terraform preferred)
- Solid understanding of networking concepts and troubleshooting
- Self-motivated, results-oriented team player - Rockstar!
NOTE: This job description is not intended to be all-inclusive. The employee may perform other related duties as requested to meet the ongoing needs of the organization.