Staff Security Operations Engineer - Ames, United States - Workiva, Inc.

Description

Staff Security Operations Engineer

As a Staff Security Operations Engineer at Workiva, you'll play a pivotal role in safeguarding our systems and data. Our Security Operations team is responsible for continuously monitoring, detecting, and responding to security incidents across our infrastructure. You'll collaborate closely with stakeholders to investigate and validate incidents, ensuring a swift and effective response to any potential threats. Additionally, you'll work autonomously to enhance existing security practices and mitigate risks across various hosting environments. With a focus on mentorship and leadership, you'll take the lead in implementing new security measures, conducting incident response exercises, and contributing to the overall security posture of the organization.

What You'll Do

• Develop and implement Security Operations Center (SOC) procedures and protocols to ensure clear remedial action plans and situational awareness, while also training and educating SOC & Infosec members, internal stakeholders, and external business partners on SOC management and procedures
• Coordinate incidents including areas of, but not limited to, ransomware, host compromise, credential and account compromise, phishing, internal threats, third parties, and data leakage while working closely with information security leadership and business stakeholders and as part of a team of responders
• Participate in incident response tabletop exercises to identify gaps, enhance skills, and engage with stakeholders, while also reviewing technical reports from vulnerability and penetration testing assessments to identify exposure to future incidents
• Refine, recommend and maintain playbooks, policies, procedures and guidelines, and align with industry best practices
• Use and develop metrics to capture and focus improvement efforts and gap coverage utilizing existing systems and data to improve security for our platform
• Ensure security controls implemented are effective and maintained in a fashion that supports our performance, scalability and stability
• Independently address technical and business risks across various hosting environments
• Prioritize areas for improvement and provide recommendations for remediation of identified issues
• Handle novel incident response efforts and act as a lead/mentor for other team members
• Conduct technical and analytical assessments and communicate effectively with technical and non-technical colleagues
• Rely on factual and data-driven assessments rather than leading with fear or assumptions

What You'll Need

Minimum Qualifications

• Bachelor's degree in Computer Science, Information Technology, or a related field
• 8+ years working within a Security Operations Center or equivalent experience

Preferred Qualifications

• Experience with Amazon, Azure, and/or Google Cloud Environment
• Experience with the querying and use of the Splunk SIEM
• Strong working knowledge of Linux OS and MacOS (required) and windows (preferred)
• Experience working with SIEM tools and/or SOAR tools along with the building of playbooks and procedures
• Experience in IR management, forensics, and hands-on technology within security principles
• Specialization into at least one of the core areas of a SOC: Digital or Network Forensics, Incident Response, Malware Analysis, Threat Intelligence, Vulnerability Management, and/or another security focused area
• Experience in leading or mentoring other employees
• Interest in or experience with systems languages (Python, Java, Go)
• A combination of technical expertise and business acumen to security administration, incident response, and security operations center (SOC) roles
• Excellent verbal, written, and interpersonal communication skills
• Self-motivated with strong propensity for action, results and continuous improvement
• The ability to work successfully in a high-energy, fast paced, rapidly changing environment is necessary
• Exceptional organizational and critical thinking skills with the ability to multitask and manage multiple processes, programs, and procedures simultaneously while working under pressure to meet deadlines

Travel Requirements & Working Conditions

• Must be able to travel up to 10% annually
• Reliable internet access for any period of time working remotely, not in a Workiva office

How You'll Be Rewarded

A discretionary bonus typically paid annually

Restricted Stock Units granted at time of hire

401(k) match and comprehensive employee benefits package

The salary range represents the low and high end of the salary range for this job in the US. Minimums and maximums may vary based on location. The actual salary offer will carefully consider a wide range of factors, including your skills, qualifications, experience and other relevant factors.

Workiva is an Equal Employment Opportunity and Affirmative Action Employer. We believe that great minds think differently. We value diversity of backgrounds, beliefs, and interests, and we recognize diversity as an important source of intellectual thought, varied perspective, and innovation. Employment decisions are made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression genetic information, marital status, citizenship status or any other protected characteristic.We strongly encourage and welcome people from historically marginalized groups to apply.

Workiva is committed to working with and providing reasonable accommodations to applicants with disabilities. To request assistance with the application process, please email

Workiva employees are required to undergo comprehensive security and privacy training tailored to their roles, ensuring adherence to company policies and regulatory standards.

Workiva supports employees in working where they work best - either from an office or remotely from any location within their country of employment.