Overview
SecOps Engineer Jobs in California, Missouri, USA at Clipboard Health
Title: SecOps Engineer
Company: Clipboard Health
Location: California, Missouri, USA
Type: Remote/Work from Home
Category: IT/Tech, Security
Location: California
About the Role
We are looking for a founding Senior Security Operations Engineer to join Clipboard Health and shape the future of our security operations. As the first hire in this function, you will have the unique opportunity to define and improve security operations processes and systems. This role will focus on operational security work at Clipboard, including bolstering our situational awareness, automating cloud security detection and response capabilities, improving the security posture of 3rd party tools, and ensuring that security issues are handled as they arise.
The culture is high-autonomy and high-trust, valuing speed and impact. We are looking for candidates with SIEM management and security D&R experience in web and cloud environments.
This is a 100% remote role, open exclusively to individuals who are legally authorized to work within the United States.
Key Responsibilities
• Security Operations, Investigation, and Incident Response
– Lead investigations into security alerts and reported security events in a cloud-based environment.
– Automate investigation workflows and integrate tools to accelerate response times and reduce manual intervention.
– Serve as the Incident Commander, driving response efforts during security incidents, from containment through recovery and post-mortem analysis.
– Define, document, and continuously improve security operations playbooks to ensure rapid and effective handling of security events.
– Partner with IT and support teams on refining procedures relating to security.
• SIEM Management
– Develop and implement SIEM detections and alerting mechanisms using Terraform, Datadog, and other security tools.
– Onboard, enrich, and normalize diverse log sources across cloud environments, applications, and endpoints.
– Collaborate with engineering teams to instrument deployed resources with tooling, enhance security auditing capabilities, and improve visibility in our environment.
• Vulnerability Management
– Manage vulnerability tracking and reporting, ensuring vulnerabilities are tracked and assigned across teams.
– Negotiate acceptable remediation approaches and prioritization with owning teams.
– Drive remediation efforts, ensuring timely and thorough patching of identified security weaknesses.
• Vendor Platform & Service Security
– Evaluate and enhance the security posture of third-party services and integrations (e.g., Google Workspace, Slack, Zapier), ensuring optimal configuration and ongoing monitoring.
– Monitor and respond to phishing emails and other security threats within Google Workspace.
Requirements
Need to Have:
• At least 5 years of security incident response experience, such as working in a SOC or on a CIRT/DIRT team.
• Experience leading security incidents as the incident commander.
• Investigate security events, coordinating with other teams and organizations as needed.
• Build high-confidence, low-noise security detections and alerts.
• Experience with major cloud providers, such as AWS or GCP, and cloud technologies like Docker.
• Comfortable with the Linux command line and able to use scripting languages to accelerate workflows, like Bash and …