Staff Security Operations Engineer

Staff Security Operations EngineerAs a Staff Security Operations Engineer at Workiva, you'll play a pivotal role in safeguarding our systems and data. Our Security Operations team is responsible for continuously monitoring, detecting, and responding to security incidents across our infrastructure. You'll collaborate closely with stakeholders to investigate and validate incidents, ensuring a swift and effective response to any potential threats. Additionally, you'll work autonomously to enhance existing security practices and mitigate risks across various hosting environments. With a focus on mentorship and leadership, you'll take the lead in implementing new security measures, conducting incident response exercises, and contributing to the overall security posture of the organization.What You’ll DoDevelop and implement Security Operations Center (SOC) procedures and protocols to ensure clear remedial action plans and situational awareness, while also training and educating SOC & Infosec members, internal stakeholders, and external business partners on SOC management and proceduresCoordinate incidents including areas of, but not limited to, ransomware, host compromise, credential and account compromise, phishing, internal threats, third parties, and data leakage while working closely with information security leadership and business stakeholders and as part of a team of respondersParticipate in incident response tabletop exercises to identify gaps, enhance skills, and engage with stakeholders, while also reviewing technical reports from vulnerability and penetration testing assessments to identify exposure to future incidentsRefine, recommend and maintain playbooks, policies, procedures and guidelines, and align with industry best practicesUse and develop metrics to capture and focus improvement efforts and gap coverage utilizing existing systems and data to improve security for our platformEnsure security controls implemented are effective and maintained in a fashion that supports our performance, scalability and stabilityIndependently address technical and business risks across various hosting environmentsPrioritize areas for improvement and provide recommendations for remediation of identified issuesHandle novel incident response efforts and act as a lead/mentor for other team membersConduct technical and analytical assessments and communicate effectively with technical and non-technical colleaguesRely on factual and data-driven assessments rather than leading with fear or assumptionsWhat You'll NeedMinimum Qualifications Bachelor's degree in Computer Science, Information Technology, or a related field, or equivalent job experience.8+ years of experience working within a Security Operations Center or related fieldPreferred Qualifications Experience with Amazon, Azure, and/or Google Cloud EnvironmentExperience with the querying and use of the Splunk SIEMStrong working knowledge of Linux OS and MacOS (required) and windows (preferred)Experience working with SIEM tools and/or SOAR tools along with the building of playbooks and proceduresExperience in IR management, forensics, and hands-on technology within security principlesSpecialization into at least one of the core areas of a SOC: Digital or Network Forensics, Incident Response, Malware Analysis, Threat Intelligence, Vulnerability Management, and/or another security focused areaExperience in leading or mentoring other employeesInterest in or experience with systems languages (Python, Java, Go)A combination of technical expertise and business acumen to security administration, incident response, and security operations center (SOC) rolesExcellent verbal, written, and interpersonal communication skillsSelf-motivated with strong propensity for action, results and continuous improvementThe ability to work successfully in a high-energy, fast paced, rapidly changing environment is necessaryExceptional organizational and critical thinking skills with the ability to multitask and manage multiple processes, programs, and procedures simultaneously while working under pressure to meet deadlinesTravel Requirements & Working ConditionsMust be able to travel up to 10% annuallyReliable internet access for any period of time working remotely, not in a Workiva officeHow You’ll Be Rewarded✅ Salary range in the US: $120,000.00 - $204,000.00✅ A discretionary bonus typically paid annually✅ Restricted Stock Units granted at time of hire✅ 401(k) match and comprehensive employee benefits packageThe salary range represents the low and high end of the salary range for this job in the US. Minimums and maximums may vary based on location. The actual salary offer will carefully consider a wide range of factors, including your skills, qualifications, experience and other relevant factors.Workiva is an Equal Employment Opportunity and Affirmative Action Employer.  We believe that great minds think differently.  We value diversity of backgrounds, beliefs, and interests, and we recognize diversity as an important source of intellectual thought, varied perspective, and innovation.  Employment decisions are made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression genetic information, marital status, citizenship status or any other protected characteristic.  We strongly encourage and welcome people from historically marginalized groups to apply.Workiva is committed to working with and providing reasonable accommodations to applicants with disabilities. To request assistance with the application process, please email talentacquisition@workiva.com. Workiva employees are required to undergo comprehensive security and privacy training tailored to their roles, ensuring adherence to company policies and regulatory standards.Workiva supports employees in working where they work best - either from an office or remotely from any location within their country of employment.#LI-MJ2