Aurigo is an American technology company founded in 2003 with a mission to help public sector agencies and facility owners plan, deliver, and maintain their capital projects and assets safely and efficiently. With more than $300 billion of capital programs under management, Aurigo's award-winning software solutions are trusted by over 300 customers in transportation, water and utilities, healthcare, higher education, and government on over 40,000 projects across North America. We are a privately held corporation headquartered in Austin, Texas, USA, with software development and support centers in Canada and India. We are proud to be Great Place to Work Certified three times in a row and recently recognized as one of the Top 25 AI Companies of 2024.
Key Responsibilities:
1. Continuously monitor the security alerts and incidents from various platforms such as
SIEM, EDR, to identify and respond to security incidents.
2. Analyze and assess threats including malware, network intrusions, phishing and other
attack vectors and provide actionable intelligence.
3. Daily assessment of vulnerabilities identified by the infrastructure scan and prioritize
vulnerability remediation by working closely with other departments.
4. Create reports and provide analysis on vulnerabilities including the remediation efforts,
timelines for completion and track the security exceptions.
5. Report on areas of noncompliance against standards and policies.
6. Conduct periodic security tests on web applications (OWASP Top 10), track and
remediate application security vulnerabilities by working closely with concerned
departments.
7. Perform continuous monitoring and auditing of systems to ensure compliance with CIS
controls, identify the areas of improvement and address the security gaps by working
with other departments as necessary.
8. Facilitate quarterly access reviews of user access across cloud, on-prem, and third-party
applications, work with relevant teams to revoke or adjust access for users with
excessive or inappropriate permissions.
9. Create and update security documentation such as SOPs, Security Policies, Incident
response playbooks.
10. Develop and deliver security training to the organization workforce and track the
progress of completion.
1. Bachelor’s degree in computer science, IT, Cybersecurity or a related field.
2. Must have a minimum of 3-5 years of relevant experience as SOC Analyst /Engineer.
3. Must possess good knowledge and understanding of cloud platforms such as AWS and
Azure.
4. Good Knowledge and understanding of SIEM tools such as Sumo Logic, Splunk, QRadar,
Microsoft Sentinel.
5. Good knowledge and hands on experience on Vulnerability Management tools such as
Qualys, Burp Suite etc.
6. Experience in analyzing security alerts in CrowdStrike, Defender 365, Microsoft Entra,
Sumo Logic along with managing and troubleshooting issues in CrowdStrike, and
Microsoft Defender.
7. Good understanding of MITRE ATT&K, NIST and other security frameworks.
8. Excellent communication and collaboration skills are required.
9. Ability to work as a team player and as an individual contributor.
10. Must be willing to learn, adapt, and work in fast paced, dynamic environment.