Senior SOC Engineer - San Mateo, CA/Remote

Guidewire, San Mateo, CA 94401

Posted 4 months ago

The Senior SOC Engineer role will serve as the team leader responsible for monitoring, detection and response activities for all types of security threats, events and alerts within Guidewire's Security Operations Center for the Public Cloud based SaaS and Corp IT environments. The role will report to the Director of Security Operations and is part of Guidewire's global Information Security group.


  • Lead and collaborate with the MSSP's SOC analysts to provide subject matter expertise in security threat analysis, hunting, detection and response across Guidewire's Dev, Pre-Production, Production and Corp IT environments

  • Act as Guidewire's Blue Team expert to develop ingestion rules and filters in sensors / platforms / appliances as relevant, and build content for the SIEM to provide actionable contextual threat intelligence data and improve visibility and detection in the SOC

  • Perform analysis, investigation and correlation of actionable security events and alerts, using network traffic analysis, net flow, IDS/IPS, SIEM and/or any other custom sensor output as it pertains to security threat intelligence, analytics and visibility

  • Participate in the Security Incident Response Team (SIRT) activities, helping SIRT to detect, respond, contain and recover from security incidents in a timely manner

  • Provide inputs for development of Incident Response Procedures in the form of operational run books, for the most relevant incident types

  • Willingness to be on call and serve as the point of contact for information security alerts and incidents


  • 5+ years of previous experience working in security operations, hunt teams, threat intelligence or incident response; Public Cloud experience required

  • 3+ years of hands-on experience in LogRhythm SIEM - searching and querying of raw logs, tuning of events and alerts, analysis and investigation of alerts, and writing content for LogRhythm SIEM, AIE rules etc.

  • Minimum 3 years of experience running security analytics, correlation, tuning, analyzing and investigating alerts from multiple security technologies including IDS/IPS, SIEM, Network, Endpoint and User Behavior Analysis tools, Network Packet Analyzers, Log Analysis (Windows, Linux, Web Servers, FIM, NextGen Firewalls, NextGen AV, WAFs, etc.)

  • 3+ years of experience leading cyber security incident resolution as an Incident Response / SOC Engineer or Analyst in an Enterprise environment, with ability to investigate and understand threat campaign(s) techniques, lateral movements, C&C communications and indicators of compromise (IOCs).

  • 2 years of hands-on experience with public Cloud platforms (AWS, Azure, GCP) with excellent understanding/working knowledge of IaaS, platforms and services (i.e. VPC, EC2, S3, RDS, AWS SDK, Lambda, AWS WAF, CloudFront, ECS, etc.)

  • Experience developing and maintaining operations playbooks, run books, and IR plans

  • Advanced knowledge of the TCP/IP protocol suite, security architecture, securing and hardening Operating Systems, Networks, Databases and Web Applications

  • Thorough understanding of the threat and attack landscape, latest security trends, attack vectors, vulnerabilities, and how they are leveraged by malicious actors

  • Security certifications like CISSP, GSEC, GCFA, GCIH, GCIA, CHFI, AWS certification etc. are highly desired

  • Familiarity with industry common information technology control frameworks, particularly SOC1/2, Cloud Security Alliance, and ISO 27001/2.

  • Excellent verbal and written communication skills and ability to document and explain technical details and incident reports clearly and concisely

  • S. degree in Computer Science or related field or equivalent combination of professional development training and experience
