Staff Security Engineer - Cyber Security (London or Leeds)
Security is a core value at Credit Karma. We help millions of people better manage their credit. Safeguarding their sensitive information is critical to our continued success. From the CEO down to each individual engineer, everyone views security as a personal responsibility. Your unique mission as a Staff Security Engineer is to build out SIEM capabilities, develop detection and protection controls, and serve as an infrastructure security subject matter expert for new initiatives and projects.
What You'll Do
- Build, deploy and manage DLP, EDR and e-mail security solutions
- Implement an enterprise-grade SIEM tool and enroll critical infrastructure logs.
- Build and monitor integrations between security solutions and ensure the completeness and accuracy of ingested data.
- Develop content, tune alerting and create correlation rules.
- Identify opportunities for implementing additional technology controls to create more visibility or defend key points of attack.
- Identify improvements to business processes and methodologies
- Deploy and maintain additional security solutions that will prevent and detect attacks against CK's infrastructure
- Interface with peer departments within Security, and serve as a consultant for all infrastructure security decisions, partnering with IT, Platform Engineering, Product and Business Development teams.
- Build positive, productive relationships with business and technology leadership.
What's Great About It
- Carrying out two positive missions at the same time: helping people take back control of their credit and helping to keep their personal information safe.
- Solving frontier security problems at scale in a highly technology-focused team.
- Spending zero minutes convincing anyone why security is important - we all understand that very well already!
What We Expect
- 8+ years of experience in a similar role.
- Expert understanding of system, network, infrastructure and security concepts.
- Strong cross-platform (Linux, macOS and Windows) administration-level experience
- In-depth knowledge of network protocols
- In-depth knowledge of containerization and Kubernetes
- Experience securing SaaS, PaaS and IaaS cloud environments
- Hands-on experience with enterprise SIEM products in a dynamic environment
- Experience building dashboards, creating searches and alerting rules in Splunk and/or Splunk ES.
- Strong scripting or relevant programming skills for automating repetitive tasks.
- Experience working in (or closely with) a Security Operations Center.
- Expert level of knowledge of network security monitoring (NSM) techniques.
- In-depth knowledge of privilege escalation, persistence and lateral movement techniques.
- Self-starting attitude and fearless ascent up the learning curve.
- Eagerness to challenge the status quo, balanced with a reasonable and methodical approach to effecting change.
- A fun and positive attitude!