Who you are

• The ideal candidate possesses a natural curiosity about information security, a passion for doing what’s right, and will use their expertise to implement a best-of-class Enterprise Security program at PagerDuty
• At least 5 years of experience in the information security industry, with 3+ years in network security or zero-trust, and 3+ years in security architecture or solution experience
• Extensive knowledge of Information Security concepts especially in the areas of security threats, analyzing security logs and driving Incident response
• Extensive knowledge and practical experience in network security and zero-trust
• Broad understanding of the IAM cybersecurity landscape including identity stores, authentication/authorization, strong authentication, and privileged access management capabilities and methodologies
• Deep understanding of security technologies and concepts including SIEM, MDR/XDR, EDR and vulnerability management
• Strong understanding of security best practices and frameworks (e.g., MITRE ATT&CK, NIST Cybersecurity Framework)
• Strong knowledge of incident response processes
• Familiarity with the following industry frameworks & regulatory standards: HIPAA-HITECH, Sarbanes-Oxley (SOX), General Data Protection Regulation (GDPR), ISO 27001/2, NIST Cybersecurity Framework (CSF/800.53), SOC2, FedRAMP
• Current certification in an industry-recognized information security certification such as CISSP, CISA, CISM, Security+, CEH, GIAC GSEC/GCIH, SSCP
• Strong scripting and automation skills (Bash, Python, Javascript, etc.)
• Familiarity with RBAC, ABAC, and PoLP
• Direct, hands-on experience configuring and administering Crowdstrike
• Crowdstrike certifications (Crowdstrike Certified Falcon Administrator (CCFA), Crowdstrike Certified Falcon Responder (CCFR), Crowdstrike Certified Falcon Hunter (CCFH))
• Experience in endpoint security, identity and access management, incident response, and/or vulnerability management
• Direct experience developing thresholds, alerts, dashboards, and incident response playbooks
• Familiarity with the PagerDuty platform is a plus

What the job involves

• PagerDuty is seeking an Enterprise Security Engineer to join our diverse, customer-focused team
• As a member of the IT Operations & Security team, you will collaborate with a global team of technology and security professionals to proactively identify and mitigate enterprise risks, monitor and respond to security events, respond to and assist in security incidents as a security incident responder, and protect PagerDuty’s enterprise systems, data, and operations
• You will be responsible for partnering closely with the CISO organization on the planning and execution of key security initiatives related to enterprise security
• You will develop and track key security metrics and ensure best-in-class operations, including the creation and ongoing maintenance of enterprise security technology runbooks, and automated workflows, assisting in process refinement and operational ownership of enterprise security technologies
• You will collaborate with a diverse team of analysts, engineers, and key stakeholders on security initiatives across the company to define, design, and implement security programs and technology projects and will communicate and interact regularly with senior IT and business leadership
• Partner closely with CISO organization to design and implement enterprise IT security architectures and solutions
• Tracking the evolution of cutting-edge security technologies, and keeping up to date of the latest security threats and trends
• Focus on enterprise security and zero-trust technology, serving as the principal technical expert in this area within the Enterprise Security department
• Monitors security alerts and leads the team in identifying and responding to security threats
• Monitors systems for vulnerabilities, provides prioritization, and drives remediation efforts
• Working cross-functionality to triage suspicious activity and drive remediation (performing L2-L3 duties as needed)
• Analyzing threat intelligence feeds to develop metrics, alerts, and techniques to protect against new and emerging attack vectors
• Develop metrics, thresholds, alerts, dashboards, and incident response playbooks
• Drive the design and development of automated security response and maintenance solutions
• Oversee our workstation vulnerability management & endpoint compliance program
• Develop internal playbooks and tabletop exercises to train teams on how to handle common attack scenarios
• Develop and report metrics on security posture (e.g. endpoint compliance, vulnerability gaps, application security, etc.)
• Partner with Compliance teams to ensure and demonstrate implemented controls are working efficiently
• Participates in information security control assessments providing risk-based gap analysis and prioritized remediation recommendations
• Act as SME for EDR tooling on corporate Workstations
• Participate on rotating on-call schedule

Benefits

• 20 hours per year of paid volunteer time
• Health insurance
• Wellness Days and mid-year Wellness Week: extra time off for whole company to unplug and recharge at the same time
• Generous paid parental leave and return to work policy to help with transition back
• Generous paid time off
• Hands-on career and leadership development programs
• Flexible workplace/WFH