Qualtrics is growing exponentially and that growth means constantly finding and eradicating threats to our systems. We must continuously evaluate how we secure systems, identify potential threats, and implement the alerts and tooling necessary to help us maintain a strong security posture at scale. We are looking for an experienced engineer to join our security operations center / incident response team in EMEA who can work with others across the organization, react to alerts, hunt for threats, respond to incidents, and create and implement technical solutions that improve our ability to identify, stop, and eliminate potential threats.
Expectations for Success
- Minimum of a BS degree, preferably in IT Engineering, Computer Science, or any other IT-related field of study.
- 5+ years of experience in the Information Security field.
- 2+ years of prior SOC and/or Incident Response experience.
- GIAC or other security certification preferred, but not required.
- Ability to lead an Incident Response Team and respond to emergency calls during non-business hours, as needed.
- Possess the ability to react quickly, decisively, and deliberately.
- Excellent verbal and written communication skills.
- Proactive, self-managed, and able to interface well with interdisciplinary teams across the organization, including executive leadership.
- Experience performing analysis utilizing SIEM, SOAR, and HIDS/HIPS technologies.
- Experience performing analysis utilizing IDS/AV/Firewall consoles.
- Experience with cloud computing and AWS services.
- Strong understanding of networking and associated protocols.
- Development skills including scripting (e.g. Python, shell scripting).
- Experience with MITRE ATT&CK and Cyber Kill Chain, including Tactics, Techniques, and Procedures (TTPs).
- Knowledge of STIX/TAXII, SIGMA, DISA STIGs.
- Experience with multiple operating systems, with a system administrator-level skill set on macOS and Linux.
A Day in the Life
- Performs Level 2/3 SOC/IR and shift lead duties as a part of a 24/7 security incident watch team.
- Provides leadership, mentoring, and training to SOC/IR team personnel and to other Qualtrics stakeholders and the Qualtrics Information Security Team.
- Provides onboarding training and coaching for junior SOC/IR Engineers.
- Performs network and endpoint forensics to establish attack scope and root cause analyses.
- Ensures communication and escalation of security activities to leadership.
- Performs additional analysis of escalations from SOC engineers and conducts incident review.
- Leads development of workflow automation to lower response time and eliminate lengthy response times.
- Develops and improves attack remediation strategies, incident handling processes, standard operating procedures, playbooks, and automations.
- Identifies alerting gaps and develops strategies to increase threat detection coverage.
- Supports FedRAMP, ISO 27001, SOC, HITRUST, and other audit activities for security operations and incident response.
What differentiates us from other companies:
- Work-life integration is deeply important to us - we have frequent office events, team outings, and happy hours
- We take pride in our office design, which aims to cultivate creativity, from our rooftop views to an open and collaborative workspace
- On top of the standard benefits package (medical, dental, vision, life insurance, etc.) we provide snacks, drinks, and free lunches in our office
- We believe in sharing Qualtrics' success, which is part of the compensation for all employees
About us
Qualtrics is a single system of record for all experience data, also called X-data™, allowing organizations to manage the four core experiences of business—customer, product, employee and brand experiences—on one platform. Over 8,500 enterprises worldwide, including more than 75 percent of the Fortune 100 and 99 of the top 100 U.S. business schools, rely on Qualtrics. To learn more, and for a free account, please visit www.qualtrics.com.