Note: The job is a remote job and is open to candidates in USA. Reserv is an InsurTech company creating and incubating cutting-edge AI and automation technology to bring efficiency and simplicity to claims. As a Security Operations Engineer, you will be responsible for protecting the organization’s digital assets from cyber threats through monitoring, vulnerability assessments, and developing security policies. This hands-on role requires a proactive approach to identifying and mitigating potential security risks.
Responsibilities
- Continuously monitor security telemetry to identify potential threats, malicious activity, or unauthorized access. Sniff out threats before they become a headline!
- Investigate, analyze, classify, prioritize and contain security breaches in real-time, providing detailed reporting and post-incident analysis. Build a secure plan, not a work around, so it never happens again!
- Conduct vulnerability assessments to identify system weaknesses before they are exploited
- Coordinate and assist with penetration testing activities
- Install, configure and maintain security software and systems such as endpoint security, intrusion detection, prevention systems and logging platforms
- Install and fine-tune our arsenal—from EDR/XDR and SIEM to SOAR and IDS/IPS
- Research, analyze and stay up to date on the latest security trends, hacking techniques, emerging cyber threats
- Educate employees and stakeholders on security protocols, phishing threats and data protection
- Develop SOPs, playbooks/runbooks to consistently respond to common incidents that allow our security posture to scale as fast as our business
- Hunt for unknown threats in the environment by analyzing logs based on current and emerging threat intelligence. Be the hero who identifies potential threats before they happen!
Skills
- Minimum of 3 years of experience in the trenches of a dedicated cybersecurity role
- Working understanding of NIST Cybersecurity Framework
- Technical proficiency with MacOS, Windows, Unix/Linux
- Experience securing and monitoring mobile devices
- Knowledge of current threat actors, TTPs, and MITRE ATT&CK framework
- Fluent in SIEM, EDR/XDR, and Vulnerability Scanners
- Experience with cloud-based productivity platforms such as Google Workspace and/or Microsoft 365
- Demonstrated experience working with SIEM tools, vulnerability scanners, endpoint protection, email security and threat intelligence platforms
- Experience with penetration testing
- Experience performing risk assessments, drafting/maintaining cybersecurity policies and procedures, and constructing after-action reports with precise details
- Familiarity with SSO and identity and access management systems
- Security+, CySA+ or similar industry-standard security certifications
- Strong written and verbal communication skills
- You possess a relentless technological curiosity where "sniffing out" anomalies is becoming second nature
- Experience working in a cloud-first or startup environment
- Bachelors degree in Cybersecurity, IT, or related field
- Automation experience with various scripting languages (e.g. Bash, Python, PowerShell)
- AWS and/or GCP certifications or demonstrated experience
- Deep understanding of at least two major operating systems
- Familiarity with the concepts of secure software development (SSDLC)
Benefits
- Generous health-insurance package with nationwide coverage, vision, & dental
- 401(k) retirement plan with employer matching
- Competitive PTO policy – we want our employees fresh, healthy, happy and energized
- Generous family leave policy
- Work from almost anywhere to facilitate your work life balance
- Cool, functional swag
- Apple laptop, large second monitor, and other quality-of-life equipment you may want
Company Overview
Company H1B Sponsorship