Skip to main contentA logo with &quat;the muse&quat; in dark blue text.

Sr. Security Operations (SecOps) Engineer

AT Vimeo
Vimeo

Sr. Security Operations (SecOps) Engineer

Bangalore, India



As a Sr. Security Operations Engineer at Vimeo, you will engage in a variety of activities, either offensive, defensive, or some combination thereof, ultimately aimed at safeguarding our 300+ million users who entrust Vimeo with their content every day.


You’ll plan, carry out, and lead security initiatives to monitor and protect sensitive data and systems from infiltration and cyber-attacks.


You will likely collaborate frequently with and support developers, as well as members of the infrastructure security team, the compliance team, IT, Product, and other teams throughout the organization.


You love to solve puzzles, and are a great team player.


This role is remote.


What you'll do:

Want more jobs like this?

Get Software Engineering jobs in Bangalore, India delivered to your inbox every week.

By signing up, you agree to our Terms of Service & Privacy Policy.

Depending on your preferences and the current needs of the team, you may either focus on just some of the following areas, or you may choose to become involved with all of them.



  • As a Sr. SecOps Engineer, you will be responsible for ensuring the security of our systems and infrastructure. You will work closely with our development, DevOps teams to identify and remediate vulnerabilities, implement security best practices, and automate security processes. You will also monitor and respond to security incidents and maintain compliance with industry and regulatory standards.

  • Conduct security assessments of our systems and infrastructure to identify vulnerabilities and risks, identify risk owners and implement mitigating controls.

  • Implement and maintain security controls, including access controls, Zero trust network access (ZTNA), network segmentation, and security monitoring tools.

  • Design and operate identity management, lifecycle, governance and SSO. ● Implement and operate cloud security hardening and cloud security posture management across Google cloud and AWS.

  • Develop and maintain security policies and procedures, and ensure compliance with industry and regulatory standards.

  • Collaborate with SRE, AppSec and Information technology around vulnerability management, endpoint hardening, detection and response.

  • Participate in incident response activities, including investigating security incidents and responding to security alerts.

  • Collaborate with development and DevOps teams to implement security best practices throughout the software development and infrastructure lifecycle.

  • Automate security processes using scripting and other automation tools. ● Stay up-to-date with the latest security threats, vulnerabilities, and technologies. ● Collaboration with the compliance and privacy team — help ensure that our company complies with industry best practices and standards

  • Process improvements — help strengthen our own internal processes and procedures


Skills and knowledge you should possess:



  • 4+ years of experience in a security or operations role, preferably in a cloud-based Linux environment.

  • 2+ years experience with container and container orchestration systems ● Bachelor's degree in Computer Science, Information Technology, or a related field, or equivalent work experience.

  • Strong knowledge of security best practices and industry standards, such as NIST, CIS, and ISO.

  • Relevant certifications such as CISSP, CCSP, or AWS Certified Security Specialty are a plus.

  • Experience with security tools such as IDS/IPS, SIEM, vulnerability scanners, and endpoint protection.

  • Experience with automation tools such as Terraform, Ansible, or Chef. ● Strong scripting skills using Python, shell, or other scripting languages. ● Excellent problem-solving skills and the ability to work well under pressure. ● Good communication and interpersonal skills.Confident working in and across cloud


environments like AWS and GCP. Detailed knowledge of at least one cloud environment. ● Confident with common SDLC components, like git, Jira, Jenkins, etc ● At least an upper-intermediate level of English


Bonus points (nice skills to have, but not needed):



  • Experience implementing zero trust network access such as Z-Scaler, Warp, Google beyondCorp etc.

  • Experience implementing identity lifecycle including provisioning, quarterly access reviews, role management and deprovisioning.

  • Understanding of FIDO2 and machine certificate authentication flows. ● Experience with Crowdstrike and OKTA.

  • Experience with system security hardening guidelines and SDLC principles ● Experience with implementing Fedramp and/or HIPAA.#LI-MM1





About Us:


Vimeo (NASDAQ:VMEO) is the world’s most innovative video experience platform. We enable anyone to create high-quality video experiences to connect better and bring ideas to life. We proudly serve our growing community of nearly 300 million users — from creative storytellers to globally distributed teams at the world’s largest companies. Learn more atwww.vimeo.com.


Vimeo is headquartered in New York City with offices around the world. At Vimeo, we believe our impact is greatest when our workforce of passionate, dedicated people, represents our diverse and global community. We’re proud to be an equal opportunity employer where diversity, equity, and inclusion is championed in how we build our products, develop our leaders, and strengthen our culture.


Client-provided location(s): Bengaluru, Karnataka, India
Job ID: 7ad642783b283035a4bcfa072a9d9dbfa9091447b1731be2883bb7bbd6ae6ae7
Employment Type: Other