SecOps Engineer

Totara’s is a fully customizable learning management system (LMS) that boosts compliance rates, optimizes training effectiveness, and maximizes staff retention – at unrivaled scale. Built and deployed by a global partner network, Totara’s platform handles all learning, compliance, and performance management needs no matter the industry or complexity. That’s why Totara is trusted by 20 million users across 1500+ customers and 50+ countries.

We are seeking a highly skilled and motivated Security Operations Engineer to join our growing Information Security team. We are developing a new security program and implementing an entirely new tool stack. The ideal candidate is someone with multidisciplinary experience who has implemented security technologies (and supporting processes) from the ground up. In this role, you will be responsible for ensuring the security of our cloud and internal infrastructure, monitoring systems for suspicious activity, and managing incident response efforts. You will work closely with various teams to implement security controls, improve processes, and manage tools in domains such as threat intelligence, vulnerability management, and security incident and event management (SIEM).

Key areas of ownership:

• Design and implement technical security controls to safeguard both cloud and internal infrastructure systems.
• Oversee the deployment, configuration, and administration of solutions such as vulnerability management, SIEM, EDR, firewalls, threat intelligence, and cloud security
• Create and mature SecOps practices and IR playbooks
• Identify vulnerabilities, enforce security best practices, and automate security processes.
• Identify, implement and track SecOps KPIs and metrics

Responsibilities: 

• Monitor and Defend Infrastructure: Monitor cloud and internal systems for security incidents and anomalies. Respond to security incidents and breaches in a timely and effective manner.
• Design and Implement Security Controls: Develop and deploy technical security controls to protect infrastructure, applications, and sensitive data.
• Vulnerability Management: Identify and remediate security vulnerabilities within the environment by conducting vulnerability assessments, analyzing scan results, and coordinating patch management efforts.
• Threat Intelligence and SIEM Management: Utilize threat intelligence to enhance detection and prevention capabilities. Manage, tune, and maintain the organization’s SIEM system to provide actionable insights.
• Incident Response: Lead and participate in incident response activities, including detection, analysis, containment, and remediation of security events.
• Automation: Identify opportunities to automate security tasks and processes to increase operational efficiency and reduce response times.
• Security Best Practices: Support system/infrastructure hardening and ensure that all systems and processes adhere to industry security standards and best practices. Contribute to internal policy creation and governance initiatives.
• Collaboration and Support: Work with cross-functional teams, including IT, DevOps, and GRC, to support security requirements for ongoing projects and business operations.

Knowledge and Experience:

• Bachelor’s or Master’s degree in Computer Science, Information Security, or related field.
• AWS Security Specialty certification strongly preferred 
• Hands-on experience identifying and remediating security issues in AWS is required.
• Demonstrated experience implementing security tooling (e.g. SIEM, vulnerability management, CASB, CNAPP, and threat intelligence platforms)
• Hands-on experience with network security, endpoint protection, firewalls, IDS/IPS, IAM, and other security technologies.
• Familiarity with Rapid7 and Crowdstrike technologies is a plus
• Familiarity with common cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS).
• Familiarity with security best practices for Infrastructure as Code (IaC) and CI/CD
• Experience with networking and compute infrastructure such as servers, database, firewalls and load balancers
• Experience using Atlassian Jira ticketing and Confluence
• Strong analytical skills and ability to communicate security concepts effectively.
• Leadership skills and the ability to work effectively with cross disciplinary teams.
• Excellent verbal, written, and interpersonal communication skills, including the ability to communicate security and risk-related concepts to technical and non-technical audiences.

Benefits and Perks

• Enhanced Parental Leave
• Private Health Insurance Cover
• Professional Development Opportunities
• Annual Wellbeing Allowance
• New Joiner home working set-up allowance
• Additional Paid Leave: Birthday off, Working days between Christmas and New Years Eve