hero
3,078
companies
3,607
Jobs
If you are a Techstars portfolio companyclaim your profile.

Senior Security Engineer, Detection & Response

GlossGenius

GlossGenius

Canada · Remote
Posted on Monday, March 4, 2024

About GlossGenius

GlossGenius is building an ecosystem enabling entrepreneurs to succeed. We empower small business owners to focus on being creators, not admins, by offering a range of business management tools including booking and scheduling, marketing, analytics, payment processing and much more.

Over 65,000 small business owners have chosen to rely on GlossGenius every day to run their entire set of business operations. Joining its powerful, intuitive platform with its vibrant, distinguished brand, GlossGenius is the ideal combination of a fintech, SMB software, and consumer company all in one.

About the Role

In this role, you’ll be responsible for helping design and drive the maturation of the Detection and Response program. You will work hand in hand with teams across GlossGenius including Infrastructure, Information Technology, Product Development, and People to ensure the protection of company resources and data. As a founding member of the GlossGenius Detection and Response team, you’ll have near-greenfield opportunities to design and implement systems for security log processing and enrichment, detection engineering, response automation, and threat hunting in order to further entrench the understanding of GlossGenius as the secure choice for our customers and partners. This is your chance to take lessons from past positions and create solutions that create a better working experience for Security and company staff.

You will report to the Head of Engineering, Service Lines and can work remotely from anywhere in Canada.

What You’ll Do

  • In partnership with the Security Lead, design and implement roadmaps for detection engineering, security response and automation, and threat management for GlossGenius
  • Implement and maintain systems and infrastructure for the collection, normalization, and enrichment of security related logs
  • Develop and optimize our detection capabilities leveraging detection as code, scripting, risk-based authentication, automation, and user-driven security handling
  • Create playbooks and repeatable processes to ensure consistency of response and distribution of knowledge
  • Implement response and investigation automation across the corporate and production environments to improve our effectiveness and reduce the time to remediation
  • Provide guidance and mentorship for junior members of Security and our partner teams
  • Participate in a shared on-call rotation for Security

What We’re Looking For

  • 4+ years of experience in security engineering or adjacent positions involving cloud-based infrastructure environments and distributed corporate environments
  • Hands-on experience performing security investigations, including log analysis, normalization, data correlation, and creating feedback for improving detections
  • Knowledge of AWS and Kubernetes, or similar cloud-infrastructure products, particularly in regards to event and activity monitoring
  • Experience working with corporate and endpoint protection tools, such as EDR, threat intel platforms, IDPs, and email security, and have spent time performing investigative, response, and remediation work using such tools. Bonus points for having managed and configured such tools as well
  • Domain knowledge in the configuration and management of SIEM- and SOAR-type tools, experience with data lakes is a plus
  • You have past experience performing threat hunting and/or evaluation in companies with cross-functional security teams, preferably using common industry frameworks such as STRIDE, ATT&CK, or DREAD
  • You can write scripting and basic tooling for filling gaps around integrations and automation, preferably using Python

Benefits & Perks

  • Flexible PTO
  • Competitive health & dental insurance options, with premiums covered by GG
  • Generous, fully-paid parental leave policy
  • Retirement Savings Plan
  • Professional Development - employees receive a yearly stipend for approved learning and educational-related expenses
  • Home office support
  • Team Bonding opportunities - as a distributed team, being able to build meaningful bonds both virtually and in person is incredibly important to us! We are constantly evaluating how we accomplish this and currently, teams are given opportunities to gather in person throughout the year

At GlossGenius, we celebrate our differences and are committed to creating a workplace where all employees feel supported and empowered to do their best work. We believe this benefits not only our employees but our product, customers, and community as well. GlossGenius is proud to be an Equal Opportunity and Affirmative Action Employer.