Senior Security Operations Engineer
Department: Information Security
Employment Type: Full-time
As a Senior Security Operations Engineer at Tide (fondly referred to as a Tidean, a mighty challenger of the banking world) you’ll join an ambitious team of highly motivated, talented Tideans who love to collaborate, and are driven by helping people achieve their business ambitions. We live and breathe our values, which are to put our members first, work as one team and be data driven, as part of our team, they’ll matter to you too.
As part of this team, you will help take our security processes to the next level. Our scaling security team is responsible for securing Tide, our Tideans and our Members. This is achieved through Security Operations focused on event data, incident response and tooling and the automation of all of that to free up Ops engineers to go on focused threat hunts.
About the Tech
We’re security champions working tirelessly in the automation and orchestration of security process. Working with AWS and within zero-trust concepts in both corporate and platform environments, utilising IAM, SIEM and Solid Device Management Practises.
- Work on the Implementation and maintenance of our security event monitoring tooling
- Use Open source intelligence to investigate live and identify future potential threats
- Build our security incident management and forensics capabilities
- Work with the Infrastructure team to review and manage our access controls and identity management
- Run the vulnerability management and triage program
- Manage tooling to effectively detect and respond to security incidents.
- Evaluate the impact of current security trends, advisories, publications, and academic research.
- Build tooling for internal use that enable the team to operate at high speed and at scale.
- Writing, and managing indicator of compromise queries.
- Responding to, triaging, and investigating potential incidents across Tide’s laptops, servers, network devices, and cloud systems.
- Performing and automating in-house network and host security testing.
- Managing third-party penetration tests.
- Acting as incident manager and running interactions with external incident response and forensics teams in the event of a major incident.
- Working with infrastructure teams to ensure that programmatically-driven security policies are correct
- Implementing security orchestration and automation on top of existing solutions.
Let’s not beat around the bush. We’re an international scale up, we’re busy! If fast paced environments, cross team exposure, inquisitive freedom and the ability to have a real impact on a rapidly growing scale up appeals to you, then you already have the mind of a Tidean. If you have that along with the following experience, we’d love to hear from you.
- Experienced in operational security
- Writing and triaging production security alerts against large data sets, ideally with Splunk Enterprise Security
- Hardening AWS, Linux containers and common services
- Identity and Access Management systems like Okta and authentication integration via OAuth, SAML, and LDAP
- Host policy automation using Jamf for OSX and Microsoft Group Policy Objects
- Some on-call will be required
- Experience mentoring other engineers in security
- Able to act as a cheerleader and champion for security
- Ability to thrive and succeed in a dynamic, fast growing, startup environment
- Software engineering experience
- Passion for information security
- Hands-on attitude and the ability to drive solutions to completion
- Experience with Automation
- Excellent oral and written communication skills.
- 2+ years of scripting/coding (Python, Java, Ruby etc)
- Previous experience in a security operations centre.
The highly desirables:
- Previous experience in offensive security.
- Knowledge of security compliance standards and regulations including the GDPR/Data protection.
With over 125,000 members, we’re the leading provider of SME business accounts in the UK. Why? Because we’re solving a real world problem by being passionate about helping our members.
SME’s have been underserved and overlooked by traditional banks for years. In an entrepreneurial age where everyone is expected to take a shot, traditional banks have not evolved with the needs of the market. That’s where Tide comes in.
With quick on-boarding, low fees and innovative features, we thrive on making data driven decisions to help SMEs save both time and money.
Here’s what we think about diversity and inclusion…
Diversity is what makes our world interesting. Fact. We don’t build our product for one type of person, Tide is here for everyone. And that’s how we build our teams. We’re a melting pot of different cultures, races, religions, girls who like girls, boys who like boys and those who like both. We’re proud of the fact that we represent society and it will always be our mission