About Tixr

The Opportunity

As our Security Operations Engineer, you will implement hands-on efforts to protect and defend Tixr’s network boundaries, keep computer, network, and cloud systems hardened against malicious activity, and provide security services that protect our customer sensitive information. You will work with all layers and components of Tixr’s technology stack, and actively monitor our systems for attacks and intrusions. You will use your experience to own, facilitate, and drive the resolution of security incidents, the implementation of security toolsets, the automation and operationalization of these toolsets and address policy questions and resolve security issues of a technical nature. 

Additionally, you will work with our software engineers to proactively identify and remediate security flaws and vulnerabilities in our product and platform. You will be focusing on scaling and automating security infrastructure and processes. Will solve user and corporate security concerns, investigate security incidents, perform security gap analysis, and implement novel technologies and architecture. 

Work-Life

This role is 100% remote with an optional work environment at our Santa Monica office, located on the 3rd Street Promenade. Most teams run West Coast Hours with lots of autonomy. At this time we are only able to hire US Citizens or active US Green Card holders

Qualifications

• Using, managing, and securing cloud services and platforms that are SaaS, IaaS, etc...

• Experience with security concepts in AWS and with the available security tools, such as Inspector, GuardDuty, Macie, Config, CloudFormation, CloudWatch, CloudTrail, Trusted Advisor, WAF, etc., while also being familiar with third-party alternatives (and when it is beneficial to use them).

• Proficient in administering and effectively managing monitoring and detection systems.

• Deploying identity and access management services including Single Sign On (SSO) frameworks and mechanisms such as OAuth, SAML, etc...

• Log management and security analytics tools, including open source and commercial platforms/toolsets.

• Skillful in integrating security in Tixr’s continuous integration, continuous delivery, and continuous deployment (CI/CD) pipeline for Infrastructure as Code (IaC) (running unit tests, running security tools, managing secrets) using configuration management and automation tools such as Jenkins, Chef, Terraform, GitHub Actions, etc...

• Experienced with using Regular Expressions (REGEX) as well as with automation and development leveraging Python, Terraform, etc.

• The ability to monitor, evaluate, and interpret vulnerabilities/CVEs, vulnerability, risk, and security assessments, cloud platform/system/device/IDS/IPS logs, and threat analysis.

• Knowledgeable about and able to apply open-source and proprietary information within the industry.

• Excellent oral and written communications skills for working with a diverse professional clientele with varying levels of technical experience. Ability to interact with internal and external customers, leadership, and co-workers both in person, virtually, and in writing.

• Ability to research highly technical topics and derive logical conclusions using well-thought-out processes, eliminating bias and logical fallacies.

• Ability to combine information from various sources into clear, concise technical documents that explain the background and procedures for detecting and mitigating risk.

• Security monitoring and intrusion detection

• Implementing and working with industry standards and guidelines relevant to the role and our industry, such as SOC1/SOC2/SOC3, and PCI

• Managing the information security incident lifecycle, including incident response, mitigation, forensics, after-action reporting, and mapping a path forward.

• Information security architecture, mitigation of threats, and compensating controls

• Applied cryptography and security protocols

• Penetration testing and red teaming

• Enterprise risk management programs, including internal audits, consulting engagements, information technology reviews, audit, and compliance efforts.

Preferred Qualifications

• 4+ years of relevant industry experience in information security/cybersecurity.

• Bachelor's degree in Science or significant work experience Have a willingness and desire to learn.

• Must be a conscientious, punctual, and professional team player Strong bias for action and ownership.

• Proven abilities to work cross-functionally and deliver valueHaving (or planning to have) information technology and security-related certifications is a plus.

The Perks

• Salary Range $130,000 - $180,000 + bonus + equity

• 100% Remote 

• Health benefits starting at $0 premium + choice of dental and vision plans

• Unlimited PTO, holidays, a paid day off on your birthday

• 401k

• Fun and relaxed work environment

• Access to awesome events!