Security Operations Engineer
Amount delivers the technology that financial institutions need to create and enhance their digital credit offerings. Built by lending industry veterans, Amount helps partners go digital in months—not years—with a suite of proven product modules for credit decisioning, fraud prevention, account verifications, servicing engines and CRM solutions. Amount partners can optimize performance across product categories by tapping into various service offerings including customer acquisition, funnel and performance assessments, and risk consulting & analytics. Amount clients include financial institutions collectively managing close to $1T in US assets and servicing more than 25 million US customers. Visit www.amount.com for more information.
As a Security Operations Engineer at Amount you will be part of the security operations organization, with the objective of investigating, analyzing, and responding to cyber incidents within Amount’s network and AWS cloud services. This role collaborates with the other Information Security and DevOps teams to engineer secure solutions for the organization.
What you might do at Amount:
- Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, SecurityFocus) to stay current on the threat landscape and determine which security issues may have an impact on the enterprise
- Perform analysis of log files from a variety of sources (e.g., EDR logs, individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security
- Continuously identify new log sources to onboard for monitoring and build new threat alerts from them
- Proactively monitor, identify and analyze complex internal and external threats, including viruses, targeted attacks and unauthorized access
- Perform investigation of network and hosts/endpoints for malicious activity, to include analysis of packet captures
- Assist and or lead in efforts to detect, confirm, contain, remediate and recover from attacks
- Engineer automation for the security analytics platform that improves alert fidelity by reducing noise
- Perform root cause analysis, troubleshoot complex issues with existing security protocols
- Maintain and improve standard operating procedures and processes
- Design and enhance the incident response process for cloud service models and within Amount’s network (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation)
- Support security operations by automating data collection, analysis, and report generation with scripting languages (Shell / Perl / Python / Ruby)
- Work with client facing stakeholders such as partners and vendors to help comply with information security requirements
- Educate and advise internal stakeholders on security best practices and architecture
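As an added illustration of the log analysis and alert noise reduction this role describes (example written for this page, not Amount's code): two constructed log sources, a syslog-style firewall deny line (a format assumed for the example) and OpenSSH `sshd` authentication failures, are normalised into events, run through a port-scan rule and an SSH brute-force rule, and the resulting alert stream is then collapsed so that one noisy source yields one alert with a duplicate count instead of one alert per matching line. The sample lines, thresholds and windows are all constructed for the example.

```python
"""Added example (not Amount's code): correlate constructed firewall-deny and
sshd auth-failure lines into alerts, then suppress repeats to cut alert noise."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines, not real traffic. The firewall format is assumed for
# this example; the sshd lines follow the standard OpenSSH "Failed password" form.
SAMPLE_LOGS = """\
2024-03-01T10:00:01Z fw01 DENY src=203.0.113.7 dst=10.0.1.5 dport=22 proto=tcp
2024-03-01T10:00:01Z fw01 DENY src=203.0.113.7 dst=10.0.1.5 dport=23 proto=tcp
2024-03-01T10:00:02Z fw01 DENY src=203.0.113.7 dst=10.0.1.5 dport=80 proto=tcp
2024-03-01T10:00:02Z fw01 DENY src=203.0.113.7 dst=10.0.1.5 dport=443 proto=tcp
2024-03-01T10:00:03Z fw01 DENY src=203.0.113.7 dst=10.0.1.5 dport=3389 proto=tcp
2024-03-01T10:00:03Z fw01 DENY src=203.0.113.7 dst=10.0.1.5 dport=8080 proto=tcp
2024-03-01T10:00:04Z fw01 DENY src=198.51.100.9 dst=10.0.1.5 dport=443 proto=tcp
2024-03-01T10:00:05Z bastion sshd[2201]: Failed password for invalid user admin from 198.51.100.9 port 50210 ssh2
2024-03-01T10:00:06Z bastion sshd[2202]: Failed password for root from 198.51.100.9 port 50211 ssh2
2024-03-01T10:00:07Z bastion sshd[2203]: Failed password for root from 198.51.100.9 port 50212 ssh2
2024-03-01T10:00:08Z bastion sshd[2204]: Failed password for root from 198.51.100.9 port 50213 ssh2
2024-03-01T10:00:09Z bastion sshd[2205]: Failed password for root from 198.51.100.9 port 50214 ssh2
2024-03-01T10:00:09Z bastion sshd[2206]: Accepted publickey for deploy from 10.0.2.14 port 41000 ssh2
"""

FW_RE = re.compile(r"^(?P<ts>\S+) \S+ DENY src=(?P<src>\S+) dst=\S+ dport=(?P<dport>\d+)")
AUTH_RE = re.compile(r"^(?P<ts>\S+) \S+ sshd\[\d+\]: Failed password for .* from (?P<src>\S+) port")


def parse_ts(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")


def parse_events(text):
    """Normalise both sources into (timestamp, kind, src, detail) tuples."""
    events = []
    for line in text.splitlines():
        m = FW_RE.match(line)
        if m:
            events.append((parse_ts(m["ts"]), "fw_deny", m["src"], int(m["dport"])))
            continue
        m = AUTH_RE.match(line)
        if m:
            events.append((parse_ts(m["ts"]), "auth_fail", m["src"], None))
    return events


def detect(events, scan_ports=5, brute_attempts=4, window=timedelta(minutes=5)):
    """Naive rules: emit one candidate alert on every event that crosses a threshold."""
    alerts = []
    ports_seen = defaultdict(set)   # src -> distinct denied destination ports
    fails = defaultdict(list)       # src -> timestamps of recent auth failures
    for ts, kind, src, detail in sorted(events, key=lambda e: e[0]):
        if kind == "fw_deny":
            ports_seen[src].add(detail)
            if len(ports_seen[src]) >= scan_ports:
                alerts.append(("port_scan", src, ts))
        elif kind == "auth_fail":
            fails[src] = [t for t in fails[src] if ts - t <= window] + [ts]
            if len(fails[src]) >= brute_attempts:
                alerts.append(("ssh_brute_force", src, ts))
    return alerts


def suppress(alerts, window=timedelta(minutes=10)):
    """Noise reduction: collapse repeats of the same (rule, src) inside `window`
    into a single alert that carries a count of the suppressed duplicates."""
    last = {}
    kept = []
    for rule, src, ts in alerts:
        key = (rule, src)
        if key in last and ts - last[key][0] <= window:
            last[key][1]["count"] += 1
            continue
        rec = {"rule": rule, "src": src, "first_seen": ts, "count": 1}
        last[key] = (ts, rec)
        kept.append(rec)
    return kept


def report(text):
    """Parse, detect and de-duplicate in one step; returns the final alert list."""
    return suppress(detect(parse_events(text)))


if __name__ == "__main__":
    for a in report(SAMPLE_LOGS):
        print(f"{a['rule']:16} {a['src']:15} first={a['first_seen']:%H:%M:%S} count={a['count']}")
```

On the sample above the naive rules fire four times (twice per source, because every further event past the threshold re-triggers), while the suppressed report carries two alerts, one per (rule, source), each with `count=2`. In a real SIEM the same collapse is usually done with a throttle or grouping clause on the correlation rule rather than in a script, but the effect on analyst load is the same.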
Why you might be a fit for Amount:
- Ideal candidate will have 5+ years of security-related experience in areas such as pentesting, intrusion detection, incident response/handling, firewall administration, security analytics, and vulnerability scanning
- Experience with command line interface and some level of exposure to administering systems and services for various operating systems
- Knowledge of security incident and event management, log analysis, network traffic analysis, malware investigation/remediation, SIEM correlation logic and alert generation
- Knowledge of vulnerability scanning tools and reporting (Rapid7, etc.)
- Champion and lead incident response program execution and management
- Demonstrated ability to analyze, triage and remediate security incidents
- Knowledge of SIEM solution such as SumoLogic, Splunk or similar
- Understanding of security principles, techniques and technologies such as the SANS Top 20 Critical Security Controls (now the CIS Critical Security Controls) and the OWASP Top 10
- Knowledge of AWS security and networking configurations, such as security groups, subnets, and routing tables
- Knowledge of AWS resources including EC2, ECS, RDS, Lambda, CloudWatch, GuardDuty, Inspector, Systems Manager, Config, CloudFront, and VPC security configuration
- Expert knowledge of networking fundamentals (TCP/IP, Network Layers, etc.)
- Expert knowledge of malware operation and indicators
- Expert knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.)
- Expert knowledge of security related technologies and be able to engineer solutions with these technologies (DLP, IDS, IPS, EDR, IRP, FW, WAF, SIEM, etc.)
- Expert security tools experience (Wireshark, tcpdump, NetWitness, Snort, Zeek (formerly Bro), Kali, etc.)
- Moderate knowledge of audit requirements (PCI, SOX, etc.)
- Programming skills in various languages (Python, Bash, etc.) highly desired
- Ability to manage multiple priorities simultaneously
- Bachelor’s degree preferred; focus in computer science or a related technical field preferred.
Why Amount is a fit for you:
At Amount, we believe our values make a difference:
We value, support, and help each other grow
We are committed to active inclusion and diversity
We are transparent and believe the best idea wins
We succeed when our customers succeed
We get sh!t done… responsibly
And we keep it fun!
We believe that ideas are more important than titles, everything is more fun together, everyone drives change, and everyone is an owner. While we believe the perks and benefits that we offer are terrific, nothing excites us more than having the ability to collaborate with intelligent, highly-motivated and talented people on challenging problems as we work to change the face of online lending.