The Security Operations Center (SOC) Tools Engineer will be the subject matter expert for the selection and implementation of SOC tools and methodologies.
Primary emphasis will be placed on evaluating, implementing and maintaining tools and automation in support of Domo’s security operations team members.
Additional duties include identifying and making recommendations on how to increase efficiency in monitoring and responding to security events in a timely manner.
This candidate should possess a strong understanding of cloud security controls and architecture (AWS, Azure, etc.), along with a fundamental understanding of traditional security monitoring tools, including Security Design and Architecture, Compliance, Threat and Vulnerability Management, Penetration Testing, Network Design, Firewall Management, IDS/IPS management, monitoring, SIEM technologies, and Endpoint Security.
Evaluate the effectiveness of existing tools supporting Domo’s Security Operations Team.
Advise SOC and Information Security leadership of security risks or opportunities and make recommendations.
Monitor, support, and evaluate existing security controls, and make recommendations to enhance security
Implement new information security tools, systems, scripting, and automation in support of SOC needs.
Interface with technical and business personnel on other teams as required
Document and conform to processes related to security monitoring
Participate in knowledge sharing with other analysts and develop solutions efficiently
BS degree, or industry equivalent
5+ years in a hands-on security role, with a strong background in security tools
Strong experience with Security Information and Event Management (SIEM) tools such as ArcSight, QRadar, Splunk, LogRhythm, etc.
Strong experience with Firewall, IDS/IPS, and Anti-Malware technologies
Experience in supporting incident response activities
Experience participating in or supporting SOC activities
Experience with vulnerability scanners like Nessus, Qualys, Nexpose, etc.
Familiarity with security testing and forensics tools such as Kali
Programming and/or scripting skills (e.g. Python, Java, Perl, etc.)
Knowledge of cloud and containerization