Senior Cloud Security Engineer
Climb Channel Solutions NA
AWSAzureCloudCyber SecurityGoogle Cloud Platform
Security Triage Analyst II
Snowflake
full-time
Posted on:
Location: California • 🇺🇸 United States
Visit company websiteSalary
💰 $141,000 - $205,800 per year
Job Level
JuniorMid-Level
Tech Stack
AWSAzureCloudDNSGoogle Cloud PlatformLinuxMacOSSQLTCP/IP
About the role
- Serve as the front-line of our global Incident Response Team
- Triage security alerts for insider threats, product security incidents, and traditional security events
- Determine the scope and impact of incidents from various alerting systems that monitor corporate IT and production environments, while staying within SLAs
- Escalate validated threats or take remediation actions
- Contribute to and follow incident response playbooks and runbooks
- Provide incident support during major security incidents
- Hone technical and analytical skills while gaining experience working with a global team and learning from industry experts
Requirements
- 2+ years on a Global Security Operations, Incident Response Team, or in a similar role
- A Bachelor's or Master's degree in Information Security or an equivalent discipline
- Location: Pacific Time Zone
- Experience analyzing phishing reports, including email headers, URLs, and dynamic & static file analysis
- Ability to analyze host logs (Windows, Linux, MacOS) and identify abnormal patterns (processes from non-standard folders, bypass attempts, unusual network connections/requests)
- Experience with one or more of the top three cloud providers (AWS, Azure, GCP)
- Experience with console audit log investigations (e.g., CloudTrail)
- Strong understanding of networking fundamentals (TCP/IP, HTTP, DNS, Subnetting, VLAN, NAT) and basic network and system forensic principles
- Experience with the Linux CLI, including navigating the OS, executing basic commands, and interacting with logs and directories
- Knowledge of important files and directories (e.g., /etc/shadow, /var/log/) and user/file permissions
- Ability to read, write, and modify SQL queries
- Proven understanding of fundamentals of object-oriented programming
- Basic understanding of containerization and experience running a Dockerized application
- Experience using security tools/platforms such as Snowflake, CrowdStrike, GitHub, GitLab, Sublime, Google Workspace Admin logs, Obsidian Security, Code42, Tines, GitGuardian
- Team-first, no-ego mindset; excellent written and verbal communication skills; self-starter with ownership and curiosity
- Willingness to participate in an on-call rotation (~once per quarter)
