Assist in the implementation of technical security requirements defined by Serve’s Cyber Security Program.
Implement security hardening standards and continuous assessment criteria for Serve’s IT and product infrastructure stack.
Work with IT Service Engineering and Product Engineering teams to further develop and maintain a secure architecture framework within Google cloud environment.
Assist in the implementation and monitoring of build and runtime security measures for Google cloud infrastructure.
Implement or further tune existing security tooling to prevent or detect hardware and software vulnerabilities and common security misconfigurations.
Assist with managing enterprise EDR Platforms as an administrator, creating detection rules, automating response workflows, conducting event correlation and performing incident root cause analysis.
Conduct research on emerging vulnerabilities, threats, IOCs, IOAs, TTPs working to develop controls and build countermeasures as a response.
Perform security reviews on Serve products and services to assess the adoption and implementation of secure design principles.
Conduct comprehensive vulnerability assessments on cloud infrastructure and enterprise business systems, providing clear recommendations and guidance on remediation and providing support for implementation of mitigating actions as required.
Partner with cross-functional technology teams to strengthen enterprise-wide detection, security orchestration, automation, and response capabilities.
Contribute to Serve’s Security Awareness Program by building out content, conducting phishing simulation exercises and providing follow up actions to strengthen org-wide security awareness.
Participate in Cyber Security on-call rotation as a security subject matter expert as required.

Requirements

4+ years of experience as a security analyst or engineer
Bachelor's degree in computer science, Information Systems or related field or equivalent work experience
Strong experience with security tools and services within Google or AWS cloud
Deep expertise in Cloud Computing, Windows, Linux security
Experience with deploying or supporting an enterprise EDR/XDR platform
Strong knowledge of networking and internet protocols (TCP/IP, DNS, SMTP, HTTP etc.)
Strong knowledge of secure authentication protocols (OAuth, SAML 2.0)
Knowledge of cryptographic key management best practices
Scripting & Programming experience required (Python, bash, Java, PowerShell)
Experience with supporting security incident response
Experience with assessing or implementing controls to comply with security and compliance frameworks

Benefits

Health insurance
Retirement plans
Paid time off
Flexible work arrangements
Professional development opportunities

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

security analysissecurity engineeringcloud computingWindows securityLinux securityscriptingprogrammingvulnerability assessmentincident responsesecurity hardening

Soft Skills

collaborationcommunicationproblem-solvingresearchcontent developmenttrainingautomationincident analysiscross-functional teamworksecurity awareness