Vagaro is seeking a lead security analyst with incident response experience in detection, containment, eradication, and remediation. The candidate will be responsible for the comprehensive incident response function in Vagaro's security operations, covering the cloud infrastructure as well as the workspace environment. The position requires strong technical and coordination skills to work alongside the security operations center, the IT department, and the engineering teams.
- 15 days PTO
- 10 company holidays
- Monthly reimbursement program on Vagaro services
- 401k retirement plan with matching
- Medical, dental & vision plans for individuals and families
- Discounted tickets program
- On-site fitness center (currently closed due to COVID)
- Review and respond in a timely manner to detections of malicious, misuse and anonymous activities.
- Identify and investigate cybersecurity events. Escalate to other internal teams. Coordinate the resolution effort among departments. Follow up through the complete life cycle of the cybersecurity events.
- Assess risks and business impacts. Identify gaps in risk management. Make recommendations to remediate risks.
- Manage internal vulnerability scanning and testing tools.
- Work with threat intelligence sources to stay aware of continuously evolving cybersecurity threats, the latest remediation techniques, and best practices.
- Contribute to the development and improvement of the cybersecurity assurance program.
- Contribute to the assessment of internal security controls, design, risks, and mitigations.
- Develop and conduct the cybersecurity training program.
Qualifications & Education:
- 3 years' experience in incident response functions.
- Experience with IDS/IPS, SIEM, and penetration testing tools.
- Knowledge of the following technologies. Hands-on experience is preferred.
  - Ethernet, TCP/IP, LAN, and WAN protocols
  - Network security appliances
  - Critical subsystems of Windows, Linux, and Mac
  - Cloud computing and security
  - REST API mechanism and operations
  - Web application development and vulnerabilities
  - Mobile application development and vulnerabilities
  - Social engineering
  - SQL and NoSQL database systems
- One or more of the following professional certifications or equivalent:
  - CISSP, CISM, CISA
  - CompTIA Security+
  - MCSA Security
  - Azure Security Engineer Associate