Sr. Security Operations Engineer
Remote
Full Time
Experienced
About Onit
Onit is a global leader in enterprise workflow solutions for legal, compliance, sales, IT, HR, and finance departments. With Onit, companies can transform best practices into smarter workflows, better processes, and operational efficiencies. Onit focuses on enterprise legal management, matter management, spend management, contract lifecycle management, and legal holds, transforming how global Fortune 500 companies and corporate legal departments bridge the gap between systems of record and systems of engagement.
Position Summary:
Onit, Inc. is looking for a Sr. Security Operations Engineer to join our team to help secure our Enterprise SaaS applications and corporate infrastructure. To be successful in this role, you should have great people and technical skills and a passion for technology. The individual we look for is bright, creative and a problem solver. You must be able to multi-task in a fast-paced environment and be a self-starter with the ability to work independently.
Responsibilities:
Desired:
Onit is a global leader in enterprise workflow solutions for legal, compliance, sales, IT, HR, and finance departments. With Onit, companies can transform best practices into smarter workflows, better processes, and operational efficiencies. Onit focuses on enterprise legal management, matter management, spend management, contract lifecycle management, and legal holds, transforming how global Fortune 500 companies and corporate legal departments bridge the gap between systems of record and systems of engagement.
Position Summary:
Onit, Inc. is looking for a Sr. Security Operations Engineer to join our team to help secure our Enterprise SaaS applications and corporate infrastructure. To be successful in this role, you should have great people and technical skills and a passion for technology. The individual we look for is bright, creative and a problem solver. You must be able to multi-task in a fast-paced environment and be a self-starter with the ability to work independently.
Responsibilities:
- Support the Onit security function during US Central Time business hours.
- Manage and conduct vulnerability testing, penetration testing, and client security audits.
- Implement and manage cloud-native security tools and third-party solutions for threat detection and incident response.
- Define, maintain, and execute the Incident Response plan, investigating and resolving incident escalations.
- Perform regular risk assessments and vulnerability scans of cloud infrastructure, ensuring timely remediation.
- Collaborate with Dev, DevOps, and Infra teams to remediate identified vulnerabilities, discuss security best practices, and assist with security incident response.
- Analyze EDR alerts and logs to identify potential security incidents, taking appropriate action.
- Continuously evaluate and implement security tools and practices to enhance the security posture of the Onit environment.
- Assist with security awareness programs for employees regarding security best practices
- Assist with the development and updates of Security Policies for SOC2 and ISO27001 compliance.
- Minimum of 5 years of experience in information security, with at least 2 years focused on cloud security.
- Proficient in AWS with a strong understanding of AWS networking/VPC, IAM, Security Groups, EC2, RDS, S3, and containers (EKS/ECS).
- Extensive hands-on experience investigating security incidents, along with the creation, management, and execution of security runbooks / playbooks.
- Knowledge of various AWS Native Security tools, security frameworks, and CSPM tools.
- Experience in security tools such as vulnerability scanners, IDS/IPS, SIEM, firewalls, and endpoint security monitoring.
- Experience with threat detection and threat intelligence.
- Experience securing large-scale SaaS-based enterprise applications.
- Familiarity with security frameworks such as NIST and ISO 27001.
- Proficient in Linux.
- Strong communication, problem-solving, and collaboration skills.
Desired:
- Certifications such as CCSP, AWS Security, OSCP, or equivalent are preferred.
- Experience with Cloudflare and/or AWS WAF configurations.
- Experience with AWS Guard Duty and CrowdStrike.
- Automation experience with one or more of the following: AWS CLI, Bash, Python, Ansible to verify security configurations and automate runbooks is a plus.
- Experience with Microsoft Entra and Mimecast.
We value your privacy. Please review our Privacy Notice for information on how we collect and use your personal data, particularly under the California Consumer Privacy Act (CCPA)
Apply for this position
Required*