Security Operations Engineer
Our Culture & People
Our core values are Employee Success, Customer Success, and Speed. We are innovators, collaborators, and thought leaders out to create best-in-class solutions that help our customers improve and extend human life. It’s genuine, straight-forward, and no fuss.
The Security Operations Engineer is a role embedded within the Global IT Team and provides focus on the operational aspects of security --specifically in terms of enforcing compliance, detection of threats, identification of vulnerabilities, and responding to findings highlighted by penetration testing, where the SecOps Engineer is expected to provide remedial action. In this role, you will work closely with the core IT Operations, Security, and Quality teams to strengthen Veeva’s security policy and process in addition to systems and infrastructure.
Location: Pennsylvania or Toronto
- Define and execute the process to monitor security events and alerts from various IT security tools
- Periodic reviews of existing network security, cloud based access policies, end user security configurations. Make changes, as needed, to the configurations. This may require development of new data feeds and services including the writing of data parsers, installation of data connectors and log collectors, and tuning and aggregation of these sources
- Write tools, and use automation and repeatable processes, wherever possible, to cut through the noise and enable everyone to focus their time on the important security events.
- Support forensic recovery and support, event management, threat feed assessment, spam investigation, penetration testing, network sensor audits, proactive defense and security event management.
- Document security incidents, drawing evidence from event logs, error messages, and user activity to identify future risks from which remedial action can be taken. Communicating ongoing threats and detections through reports
- Trend analysis of security incidents and recommendation of corrective action
- 2+ years of experience in an IT Operations role, ideally with some exposure to Security, Incident Response, or Techops
- Experience and interest in Log Management, Security Event Correlation, SIEM technology, firewalls, and intrusion detection and prevention systems
- Expertise in incident response technologies and signature development and analysis of false positive alerts
- Experience assessing and hardening security configurations for operating systems, applications and services
- Strong written and verbal communication skills
- Able to take ownership and set direction in grey areas
- A burning desire to grow in both engineering and security expertise
Nice to have
- Exposure to web application assessment tools such as Burp Proxy, Metasploit, Nessus, etc.
- Exposure with log analytics and writing security alert queries
- Exposure to Web-Application & Network penetration testing
- Experience in research and development in the security field is desired
- Understanding of the TCP/IP Stack, Web-Application Architecture, Encryption fundamentals & OWASP Top 10
- Able to work independently or with a team
- Able to multi-task and deliver consistently on deadlines
- Able to give training and communicate vulnerabilities to developers/managers
Meet Some of Veeva's Employees
CJ helps build scalable platforms and applications while collaborating with Product Teams to brainstorm and implement unique solutions. He also maintains features after they’ve been introduced.
Back to top