Staff Security Engineer, Cybersecurity Operations Job at Cruise
We're Cruise, a self-driving service designed for the cities we love.
We're building the world's most advanced self-driving vehicles to safely connect people to the places, things, and experiences they care about. We believe self-driving vehicles will help save lives, reshape cities, give back time in transit, and restore freedom of movement for many.
In our cars, you're free to be yourself. It's the same here at Cruise. We're creating a culture that values the experiences and contributions of all of the unique individuals who collectively make up Cruise, so that every employee can do their best work.
Cruise is committed to building a diverse, equitable, and inclusive environment, both in our workplace and in our products. If you are looking to play a part in making a positive impact in the world by advancing the revolutionary work of self-driving cars, come join us. Even if you might not meet every requirement, we strongly encourage you to apply. You might just be the right candidate for us.
Cybersecurity Operations is a budding team within Detection & Response, the organization responsible for protecting Cruise and our customers from internal and external threats.
As the team's Staff Security Engineer, you will partner closely with the Engineering Manager and play a key role in setting and driving the technical direction of the team. As the most senior engineer on the team, you will lead and mentor a small team of security engineers responsible for supporting a vast portfolio of internal and third-party solutions that are key to securing Cruise. They span cloud security, network traffic visibility, endpoint detection and response, email threat protection, data loss prevention, SOAR, and data lakes. In parallel, you will develop and lead new functions spanning threat intelligence, attacker deception, incident retrospective management, attack documentation and visualization, and digital forensics lab management.
Applicants should be excited to solve hard problems, employ their outstanding communication skills, and lead and mentor others. You should possess extensive experience deploying and maintaining security solutions as well as familiarity with incident response and/or digital forensics. You should stand out on your team as a top performer, innovator, and leader.
WHAT YOU'LL BE DOING:
Serve as the technical lead for a small team of engineers
Support Cruise's ability to respond to threats by designing solutions, selecting technologies, deploying and implementing security products, and improving the configuration of existing toolsets
Automate manual tasks and processes with a heavy emphasis on repeatability, scalability, and auditability
Migrate legacy solutions and spearhead the architecture of new solutions with a cloud-native mindset
Partner with outside vendors to ensure that Threat Defense systems are resilient, hardened, optimally configured, and properly integrated as well as influence their product roadmap
Curate and manage a corpus of threat intelligence used to enrich detections, profile threats, and enable incident responders
Aggregate metrics (i.e. Mean Time to Detect, Mean Time to Contain, etc.) from incident response processes for the purposes of improving operation and developing the program
Evaluate the posture of Threat Defense and proactively identify opportunities to optimize and automate
Ensure modern engineering standards and concepts are adopted and followed, and the quality of the product offerings are at a high bar
Identify, build, and support relationships with key cross-functional partners within and outside of Security to foster a collaborative culture
Drive long-term planning and establish scalable processes for execution
Embody Cruise behaviors and values: Stay Safe, Own It, Stay Focused, Seek Truth, Work Together, Be a Customer, Be Humble
WHAT YOU MUST HAVE:
Moderate experience responding to incidents with varying degrees of severity and complexity
Recent and significant experience writing code (preferably, Python and/or Go) in a production environment, and the ability to pass a challenging coding interview
Experience with deployment, operations, and maintenance of open-source and commercial security tools across incident response, digital forensics, attacker deception, and/or threat intelligence programs
Hands-on experience and/or familiarity with DevOps and DevSecOps principles, concepts, and technologies (i.e. Docker, Kubernetes, Hashicorp, Datadog, Github, Chef, CI/CD, etc.)
Hands-on experience with major Cloud Service Providers (i.e. Azure, GCP, and AWS) and provisioning their services
Demonstrated history of mentoring junior engineers
Track record of shipping well-polished deliverables to senior management
BONUS POINTS!
Fluency in SQL for querying complex data sets
Experience with MITRE ATT&CK and D3FEND matrices
Experience performing data collection and analysis in cloud environments
Experience developing automation in support of incidents and investigations
Experience performing analysis within EDR solutions (i.e. Carbon Black, CrowdStrike Falcon)
Contributions to the security community (open source, public research, blogging, presentations, etc.)
The salary range for this position is $197,600 - 290,400. Compensation will vary depending on location, job-related knowledge, skills, and experience. You may also be offered a bonus, restricted stock units, and benefits. These ranges are subject to change.
Why Cruise?
Our benefits are here to support the whole you:
- Competitive salary and benefits
- 401(k) Cruise matching program
- Medical / dental / vision, AD+D and Life
- One Medical membership
- Subsidized mental health benefits
- Flexible vacation and company paid holidays
- Healthy meals and snacks provided for non-remote employees
- Paid parental, jury duty, bereavement, family care, and medical leave
- Fertility Benefits
- Dependent Care Flexible Spending Account, subsidized by Cruise
- Flexible Spending Account
- Monthly wellness stipend
- Pre-tax Commuter Benefit Plan for non-remote employees
- CruiseFlex, a working policy for US-Based Cruisers, lets you and your manager find the working style that's best for you, whether it's primarily in-person, primarily at home, or a combination of home and in-office time. - learn more about CruiseFlex here
We're Integrated
Through our partnerships with General Motors and Honda, we are the only self-driving company with fully integrated manufacturing at scale.
We're Funded
- GM, Honda, Microsoft, T. Rowe Price, and Walmart have invested billions in Cruise. Their backing for our technology demonstrates their confidence in our progress, team, and vision and makes us one of the leading autonomous vehicle organizations in the industry. Our deep resources greatly accelerate our operating speed.
We're Independent
- We have our own governance, board of directors, equity, and investors. Our independence allows us to not just work on the edge of technology, but also define it.
We're Vested
- You won't just own your work here, you'll have the potential to own equity in Cruise, too. We are competing in a market that is projected to grow exponentially, which gives our company valuation room to grow. We offer a new kind of equity program called Recurring Liquidity Opportunity (RLO), which combines IPO-like liquidity with the stability of remaining private - learn more about RLO here
Cruise LLC is an equal opportunity employer. We strive to create a supportive and inclusive workplace where contributions are valued and celebrated, and our employees thrive by being themselves and are inspired to do the best work of their lives. We seek applicants of all backgrounds and identities, across race, color, ethnicity, national origin or ancestry, citizenship, religion, sex, sexual orientation, gender identity or expression, veteran status, marital status, pregnancy or parental status, or disability. Applicants will not be discriminated against based on these or other protected categories or social identities. Cruise will consider for employment qualified applicants with arrest and conviction records, in accordance with applicable laws.
Cruise is committed to the full inclusion of all applicants. If reasonable accommodation is needed to participate in the job application or interview process please let our recruiting team know or email HR@getcruise.com.
We proactively work to design hiring processes that promote equity and inclusion while mitigating bias. To help us track the effectiveness and inclusivity of our recruiting efforts, please consider answering the following demographic questions. Answering these questions is entirely voluntary. Your answers to these questions will not be shared with the hiring decision makers and will not impact the hiring decision in any way. Instead, Cruise will use this information not only to comply with any government reporting obligations but also to track our progress toward meeting our diversity, equity, inclusion, and belonging objectives.
Note to Recruitment Agencies: Cruise does not accept unsolicited agency resumes. Furthermore, Cruise does not pay placement fees for candidates submitted by any agency other than its approved partners.
Please Note :
blog.nvalabs.org is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, blog.nvalabs.org provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, Site.com is the ideal place to find your next job.