Security Operations Engineer

Synack ,
London, Greater London

Overview

Job Description

Imagine a world dedicated to Security Without Compromise. Synack, headquartered in Silicon Valley with regional offices around the world, has protected over 100 global organizations by reducing companies' security risk and increasing their resistance to cyber attack. How do we do this? By utilizing the world's best and most trusted team of ethical hackers who test through our powerful and controlled platform to deliver real security without compromise. At Synack, we aren't afraid to think outside the box or take on big challenges. Backed by top-tier venture capital firms including Kleiner Perkins Caufield & Byers, Microsoft, and Google Ventures, Synack's mission is to leverage global security talent coupled with advanced technology to help enterprises discover security vulnerabilities before they become business problems. Discover the possibilities at Synack! As a Security Operations Engineer you will play a critical role supporting our Clients' penetration test assessments. Partnering closely with our Clients, you will use your technical expertise to communicate the attack surface of various assets that our Synack Red Team (SRT) will test, and develop unique solutions to support these tests. This role is integral to Client success and SRT enablement, and therefore to Synack's success! This role is remote and candidates can be based anywhere in EMEA. Here's what you'll do * Have outstanding relevant technical competencies coupled with a consultative mindset to gather requirements, understand customer needs, and influence internal stakeholders. * Develop a technical understanding of the Client by asking thoughtful questions about: * Their digital attack surface and value at risk * Their existing vulnerability programs, tools and methods * Their security program, including ERM requirements and goals * Work independently with little guidance and provide any/all technical product expertise in building the appropriate solution for the client * Partner with internal stakeholders to develop and execute key assessment plans * Develop unique solutions for implementing Synack assets in support of Client systems Here's what you'll need * Strong technical background * Experience in vulnerability discovery, management, and remediation * Excellent time management, multi-tasking, and prioritization skills as well as the ability to manage multiple concurrent projects * Strong experience working in complex environments with the ability to work through contractual requirements and demands to ensure a successful engagement * Excellent communication skills, both written and verbal, with an emphasis on clearly articulating technical concepts to non-technical individuals * Experience with vulnerability management, risk management frameworks and associated business workflows * Proven experience with scripting languages (language independent) and developing scripted solutions to problems--Python, Ruby, Pearl, JS, any of them. People who've dedicated themselves to learning a language means they are committed, more = more personal commitment, wants someone who has lived and breathed this * Relevant industry certifications in penetration testing and/or security management--OSCP, GPEN, CISSP, CISA--more they have more committed they are, not essential, others are BS, Trent listed the ones who should catch better people * Compliance and audit familiarity--PCI, ISO 27001, SOC 1, SOC 2 It's all hands on deck, it's hard work, it's winning, it's Synack. Join us! Synack is committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status.