About the Role

We are looking for a Senior Security Engineer (remote) to be a key leader in expanding Coalition’s internal security program. This role will serve as a full-spectrum security engineer with a strong focus on detection and response. Securing Coalition is essential to protecting our policyholders and achieving Coalition’s goals of solving cyber-security risk. The InfoSec team leads the company-wide efforts to improve Coalition’s security posture in close collaboration with Product, Engineering, and IT.

This is an engineering role, and you will be a key contributor to our roadmap while building innovative and scalable detection/response solutions. We’re targeted by the most capable adversaries, and InfoSec has excellent visibility/support from the entire company. You will use modern cloud technology stacks in both the production and corporate environment, and you will influence major security technology decisions. This role will report to the Director of Security & Infrastructure under the Engineering department and will partner with the IT, Security Engineering and Platform Engineering teams.

Responsibilities

• Provide expert experience building information security programs to include hands-on selection, implementation and/or assessment of security controls
• Evaluate, test, implement, and operate endpoint, cloud, and network-based security tools to enhance Infosec’s monitoring of the technology environment
• Respond to computer security incidents and/or collect, analyze and disseminate cyber threat intelligence
• Hunt for threats by monitoring logs, behavioral data, and other data sources

Skills and Qualifications

• 5 years of security engineering experience with a focus on attack detection and response. Especially in macOS, AWS, and SaaS environments
• 1+ years development experience
• Bachelor’s degree in a technical discipline or equivalent work experience
• Demonstrate expert understanding of the life cycle of network threats, attack vectors, and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures
• Experience with the critical tools used in security event analysis, incident response, computer forensics, malware analysis or other areas of security operations
• Expertise with security information and event management (SIEM) systems and writing high-signal, low-noise detections
• Knowledge and operational use of major cloud technologies
• Incorporate Cyber Threat Intelligence and Cyber Security Awareness concepts into programs as necessary to address risk from internal and external threats
• Ability to communicate effectively to both technical and non-technical audiences - articulate security risk and mitigate controls to management. Empathetic and proactive in supporting business needs
• Knowledge of programming and scripting for development of security tools and industry frameworks is helpful

Bonus

• Knowledge of tiered operational support involving all aspects of the monitoring, response and triage of cybersecurity events
• Experience with SOAR platforms (Demisto, Phantom, etc.)
• Experience with MITRE ATT&CK framework, and ability to adapt these adversary techniques, tactics, and procedures to IDS and SIEM rules
• Experience with vulnerability scanning and management tooling, such as Nmap, Nessus, Nexpose, Qualys, Burp, Kali, Metasploit, or other offensive tools

Perks

• 100% medical, dental and vision coverage
• Flexible PTO policy
• Annual home office stipend and WeWork access
• Mental & physical health wellness programs (One Medical, Headspace, Gympass, and more)!
• Competitive compensation and opportunity for advancement
• Coalition’s individual pay is determined on several factors, including but not limited to, location, level, skills and experience. The US base salary range for this full-time position is $125,000 - $205,000, and your recruiter can share more on target salary for your location during the interview process

#LI-Remote