Senior SecOps Engineer
Perforce
Position Summary:
Priten Nayak, Sr Director of Cloud Operations at Perforce, is searching for a Sr. SecOps Engineer to design and optimize the security operations for Perforce’s SaaS product portfolio. In this key role, you will drive the design and implementation of automated tools and technologies to ensure the security, reliability, and high availability of our production and CI/CD environments, applications, and infrastructure. You will lead the efforts to establish SecOps best practices across the organization, ensuring that all environments adhere to the highest security standards. Responsibilities:Develop and implement vulnerability management practices using tools such as Qualys, Lacework, Prisma, and Mend (SAST and SCA)Experience in managing operations/cadence in Vulnerability management, SIEM, and CSPM.Lead efforts to ensure security incident and event management (SIEM) from code repositories to operating systems, VMs, databases, networks, and applications.Automate security processes and workflows across CI/CD pipelines, leveraging infrastructure-as-code (IaC) and security automation tools to eliminate manual work and improve efficiency.Automate the detection and mitigation of security threats by integrating SIEM tools with incident response workflows.Drive the implementation of security hardening best practices across the infrastructure, including OS, network, application, and database layers.Implement and maintain secret scanning tools across CI/CD pipelines to detect and mitigate the exposure of sensitive data.Advocate and implement security best practices in agile SDLC methodologies and DevSecOps workflows.Collaborate closely with Developer and DevOps teams to ensure security is embedded at every stage of the development and deployment processes.Lead and maintain security sprint boards, monitor tasks, and manage risks via Jira and other collaboration tools.Schedule and run monthly SecOps cadence meetings to report on the organization's security posture, discuss ongoing projects, and address security incidents and mitigations.Prepare and present comprehensive documentation and reports on security incidents, vulnerability assessments, and audit findings to technical and non-technical stakeholders.Assist with incident response planning, including the triage, investigation, and remediation of security incidents.Stay updated on the latest security threats, tools, and methodologies, and continuously improve the security frameworks and policies of PerforceRequirements:Bachelor’s or master’s degree in computer science, Information Security, Engineering, or a related field.6+ years of experience in cybersecurity, security operations, or a similar role in a SaaS/cloud environment.Strong hands-on experience with security automation tools and practices for CI/CD pipeline integration and infrastructure-as-code (IaC)..Hands-on experience with vulnerability management tools such as Qualys, Prisma, Lacework, and Mend (SAST/SCA).Development/Automation experience to automate the workflows, security operations/tooling by using Python/Ruby/Go..Proficient in automating vulnerability scanning, patch management, and compliance monitoring processes across hybrid cloud environments.Strong understanding of Cloud Security Posture Management (CSPM) tools and processes.Experience with SIEM tools and security monitoring best practices.Proficient with secret management and scanning in CI/CD environments.Familiarity with hardening techniques across various platforms (Linux, Windows, network, databases, etc.).Proficient in driving security sprint boards using Jira or other task management tools.Excellent presentation and communication skills, with experience in running security meetings and cadence discussions.Strong documentation skills to ensure security processes and incidents are thoroughly recorded.Knowledge of infrastructure-as-code frameworks such as Terraform, Ansible, or similar, with experience automating security configurations a plus.Strong problem-solving skills and the ability to work under pressure in a fast-paced environment.Continuous desire to learn and stay updated on the latest in cybersecurity practices and threats
Priten Nayak, Sr Director of Cloud Operations at Perforce, is searching for a Sr. SecOps Engineer to design and optimize the security operations for Perforce’s SaaS product portfolio. In this key role, you will drive the design and implementation of automated tools and technologies to ensure the security, reliability, and high availability of our production and CI/CD environments, applications, and infrastructure. You will lead the efforts to establish SecOps best practices across the organization, ensuring that all environments adhere to the highest security standards. Responsibilities:Develop and implement vulnerability management practices using tools such as Qualys, Lacework, Prisma, and Mend (SAST and SCA)Experience in managing operations/cadence in Vulnerability management, SIEM, and CSPM.Lead efforts to ensure security incident and event management (SIEM) from code repositories to operating systems, VMs, databases, networks, and applications.Automate security processes and workflows across CI/CD pipelines, leveraging infrastructure-as-code (IaC) and security automation tools to eliminate manual work and improve efficiency.Automate the detection and mitigation of security threats by integrating SIEM tools with incident response workflows.Drive the implementation of security hardening best practices across the infrastructure, including OS, network, application, and database layers.Implement and maintain secret scanning tools across CI/CD pipelines to detect and mitigate the exposure of sensitive data.Advocate and implement security best practices in agile SDLC methodologies and DevSecOps workflows.Collaborate closely with Developer and DevOps teams to ensure security is embedded at every stage of the development and deployment processes.Lead and maintain security sprint boards, monitor tasks, and manage risks via Jira and other collaboration tools.Schedule and run monthly SecOps cadence meetings to report on the organization's security posture, discuss ongoing projects, and address security incidents and mitigations.Prepare and present comprehensive documentation and reports on security incidents, vulnerability assessments, and audit findings to technical and non-technical stakeholders.Assist with incident response planning, including the triage, investigation, and remediation of security incidents.Stay updated on the latest security threats, tools, and methodologies, and continuously improve the security frameworks and policies of PerforceRequirements:Bachelor’s or master’s degree in computer science, Information Security, Engineering, or a related field.6+ years of experience in cybersecurity, security operations, or a similar role in a SaaS/cloud environment.Strong hands-on experience with security automation tools and practices for CI/CD pipeline integration and infrastructure-as-code (IaC)..Hands-on experience with vulnerability management tools such as Qualys, Prisma, Lacework, and Mend (SAST/SCA).Development/Automation experience to automate the workflows, security operations/tooling by using Python/Ruby/Go..Proficient in automating vulnerability scanning, patch management, and compliance monitoring processes across hybrid cloud environments.Strong understanding of Cloud Security Posture Management (CSPM) tools and processes.Experience with SIEM tools and security monitoring best practices.Proficient with secret management and scanning in CI/CD environments.Familiarity with hardening techniques across various platforms (Linux, Windows, network, databases, etc.).Proficient in driving security sprint boards using Jira or other task management tools.Excellent presentation and communication skills, with experience in running security meetings and cadence discussions.Strong documentation skills to ensure security processes and incidents are thoroughly recorded.Knowledge of infrastructure-as-code frameworks such as Terraform, Ansible, or similar, with experience automating security configurations a plus.Strong problem-solving skills and the ability to work under pressure in a fast-paced environment.Continuous desire to learn and stay updated on the latest in cybersecurity practices and threats
Confirm your E-mail: Send Email
All Jobs from Perforce