Security Operations Engineer/Information Security Engineer

Anaplan San Francisco , CA 94118

Posted 9 months ago

Job Title: Security Operations Engineer/Information Security Engineer

Location: San Francisco

At Anaplan, we are looking for a self-motivated SECURITY OPERATIONS ENGINEER to join our growing team at Anaplan HQ in the city-by-the-bay, SAN FRANCISCO to be a member of the global Security Operations group located across San Francisco, Minneapolis, US and York, UK. Primary focus will be around Threat and Vulnerability Management, Penetration Testing and being a key member of a successful Security Operations Centre.

This role will have a wide range of responsibilities. From designing and implementing security controls across servers, endpoints, network devices, and applications to providing security domain expertise in areas such as system, network, and encryption. You will proactively identify security flaws and vulnerabilities and be able to think both like an attacker and defender. In this incredibly fast-paced, exhilarating environment you will be working with a team that is at the top of their game! Attention to detail and a proven ability to manage priorities are essential to being successful in this role. Your focus will not only be on quality, but quality in the highest degree with passion and patience to execute the work that needs to be done.

This role is an immediate full-time position. If you're ready to roll up your sleeves and tackle unique problems that no one is solving in the tech space yet, keep reading.

Anaplan's Corporate HQ is located in the heart of the eclectic SOMA district, you can feel the excitement and energy of what we do at Anaplan when you step into our San Francisco office. There are open floor plans, fully stocked kitchens, and great collaboration spaces, and we focus on making sure that you have everything you need to work well from the right lighting to the latest technology. When it's time for the team to play together, we visit with our neighbors at a Giants game or a local pub's happy hour. Come see for yourself what a collaborative and exciting place to work looks like.

What you'll be doing:

  • Vulnerability and patch management across OS and network devices

  • Web application security testing against internal and external vendor sites

  • Security data set analysis (Splunk) & management of security systems

  • Management of SAML SSO configurations and liaison with customers

  • Management of VPN user authentication

  • Security reviews from architecture to OS parameters to physical office security

  • Recognize, adopt and instill security awareness & good practices throughout the organization

  • Working closely with other operation teams, e.g. Dev-Ops, Infra-Ops, as required

  • Liaise with Sales personnel and customers as and when required

  • Participate in knowledge sharing with other analysts to develop efficient solutions

  • Exercise risk-based judgement and coordinate responses as necessary

  • Evaluate the impact to the organization of current security trends, advisories, publications and academic research

More about you:

  • 5-7 years' experience with Threat and Vulnerability Management, Penetration Testing and being a key member of a successful Security Operations Centre.

  • Experience with vulnerability management tools such as Nessus, Qualys, etc.

  • Experience with SIEM tools, such as Splunk ES, ArcSight, etc.

  • Incident Response analysis and investigations

  • Experience of security testing tools such as BurpSuite, ZAP, etc.

  • Understanding of secure coding development practice, e.g. OWASP Top Ten, etc.

  • Knowledge of security principles, techniques and technologies

  • Analytical and problem-solving skills

  • Proficiency in written and spoken English

  • Ability to provide clear and concise documentation to customers where necessary

  • Understanding of Cloud terminology and SaaS solutions, e.g. CSA Matrix

Bonus points:

  • Security certifications, e.g. CISSP, CISM, CCSP, CCSK, CEH, GCIH, GCIA, OSCP, etc.

  • University degree in security related discipline

  • Understanding of security devices, i.e. Firewalls, IDS, WAF, VPN, etc.

  • Knowledge of networking protocols and technologies, e.g. TCP/IP, Switching & Routing, etc.

  • Programming and scripting skills, JAVA, Python, etc.

  • Working knowledge of Linux, MAC, Windows operating systems

  • General knowledge around IT security, such as laptop encryption, anti-virus, malware, BYOD, USB lockdown, password policy, etc.

What we offer:

  • The opportunity to be part of our award-winning working Engineering team.
  • A long list of incredible benefits worthy of a leading Silicon Valley tech firm. We offer highly competitive packages - we're serious about attracting the best technologists in the industry.
  • A rewarding career with a company that values diversity and invests in you.
  • with an extraordinary culture contact us now.

About Anaplan

We're building a truly unique technology. From our calculation engine and in-memory data store, to apps and predictive analytics; amazing technology is being developed every day.

We're addressing a $100B/year problem that all global businesses face. Our mission is to break the traditional business planning mold, currently performed through spreadsheets or legacy systems. Anaplan's Connected Planning platform is enabling customers to improve decision-making by turning response time into real time.

With 1000+ customers and 175+ partners globally, Anaplan's platform is solving some of the most complex challenges in business. CEOs, analysts, and the press agree

Anaplan is changing the way the world does business.

Learn about our history, see our recognitions and achievements, and take a look at what it's like to work at Anaplan.

Get to know more about working at Anaplan by checking out our social channels.

Facebook

Twitter

Instagram

YouTube

CAN'T FIND THE PERFECT ROLE FOR YOU? NEW OPPORTUNITIES ARE OPENING UP DAILY:

ANAPLAN.COM/CAREERS

#LI-SM1


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Information Security Engineer 4 Web Application Penetration Tester

Wells Fargo

Posted 2 days ago

VIEW JOBS 12/7/2019 12:00:00 AM 2020-03-06T00:00 Job Description At Wells Fargo, we want to satisfy our customers' financial needs and help them succeed financially. We're looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you'll feel valued and inspired to contribute your unique skills and experience. Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you. Wells Fargo Technology sets IT strategy; enhances the design, development, and operations of our systems; optimizes the Wells Fargo infrastructure footprint; provides information security; and enables continuous banking access through in-store, online, ATM, and other channels to Wells Fargo's more than 70 million global customers. Enterprise Information Security within Wells Fargo Technology is seeking an Info Security Engineer to support application security for all of Wells Fargo applications. In this role, you will work with software development partners to identify and mitigate the security vulnerabilities in the applications identified through DAST. Communication with the business security team, Application Security Champions (ASCs), enterprise security group, and development technology partners is critical in this role. You will also act as an application security SME for the development and security communities within Wells Fargo. DAST Testing Responsibilities * Perform Web Application Penetration testing * Meet with application team to collect information and determine scope of testing * Install, configure, use and maintain scanning and testing tools * Manually verify security vulnerabilities identified by automated tools * Perform manual testing to supplement results of automated scanning and testing tools * Provide status and resolve issues that impact testing as required * Document identified security vulnerabilities and related matters in a clear, concise and timely manner * Meet with the application teams to review, describe and explain identified security vulnerabilities and possible remediation * Retest application updates or deployed remediation logic to verify resolution of security vulnerabilities * Update documentation as required * Maintain electronic or paper trail of testing activity for audit purposes * Maintain confidentiality of authentication credentials, sensitive application information and test results before, during and after completion testing and/or retesting The Info Security Engineer will additionally be responsible for: * Providing adhoc penetration testing as necessary * Providing application security consulting SME Support to developers * Providing for root cause analysis and incident management investigation * Providing security training as required * Stay up to speed on 3rd party (inside and outside Wells Fargo) known security vulnerabilities * Develop and review malicious use cases/threat models * Maintain a broad understanding of security technologies and products * Actively participate on improving the security culture and education throughout the organization. Required Qualifications * 5+ years of information security applications and systems experience * 4+ years of DAST (Dynamic Application Security Testing) experience * 4+ years of automated information security penetration tools experience Desired Qualifications * Advanced Information Security technical skills * Ability to manage complex issues and develop solutions * Excellent verbal and written communication skills * Experience working in a large enterprise environment * Ability to manage multiple and competing priorities * Ability to take on a high level of responsibility, initiative, and accountability * Ability to work with limited supervision * Good attention to detail and accuracy skills * Knowledge and understanding of banking or financial services industry * Knowledge and understanding of information security industry standards and government regulations * Strong analytical skills with high attention to detail and accuracy * Strong collaboration and partnering skills Other Desired Qualifications * 1+ years of mobile testing / forensic experience Street Address AZ-Chandler: 2600 S Price Rd - Chandler, AZ NC-Charlotte: 401 S Tryon St - Charlotte, NC CA-SF-Financial District: 333 Market St - San Francisco, CA NC-Winston Salem: 809 W 4 1/2 St - Winston Salem, NC MN-Minneapolis: 255 2nd Ave S - Minneapolis, MN Disclaimer All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act. Relevant military experience is considered for veterans and transitioning service men and women. Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation. Wells Fargo San Francisco CA

Security Operations Engineer/Information Security Engineer

Anaplan