Meet our Team
Hitachi Vantara seeks a passionate and talented Security Operations Engineer to join our Cloud Engineering team to support Hitachi Vantara customers and services groups to help monitor and manage cloud security operations. In the role, you will monitor customer environments for malicious activity, IDS alerts, network logs and many other types of security alerts that provide insight into system activity and security posture management. As part of the Cloud Engineering team, you will report to the Director Security Architecture and Governance and actively engage in analysis and investigations as incidents arise to improve Hitachi Vantara's customers and Global Cloud Operations security posture.
The Security Operations Engineer should be a technically experienced information professional who can translate security solutions to address a wide range of IT security, privacy, and compliance challenges. This Security Operations Engineer will directly engage with customers in adapting their security operations to enable them to monitor their sensitive workloads in their cloud environment. What you'll be doing
Responsible for the design and development of innovative security architectures for protecting data deployed in Cloud service providers.
• Assess day-to-day monitoring of IT security systems by reviewing end customer security alerts and logs.
• Assess how customer teams investigate security alerts and handle incident response.
• Document security processes and procedures for end customers and operations teams.
• Collaborate with InfoSec and Global Cloud Operations personnel in analysis, discovery, and containment of cyber security incidents.
• Provide expertise and support in deployment of security measures and understand information security management.
• Provide guidance for a strong security posture in direct interaction with DevOps teams in deployment of orchestration, automation, and security configuration management throughout the SDLC pipeline/process.
• Experience working with security assessment teams during testing to be able to convey findings to technical and non-technical audiences and analyze the results of vulnerability scans and/or penetration testing.
• Designing and implementing automated security processes and controls to increase operational effectiveness and to reduce manual processes.
• Interfacing with infrastructure and other teams throughout the organization with the objective to provide high quality and low friction, security operations services and compliance with internal and regulatory security standards
• Preparing and documenting standard operating procedures.
• Act as part of the incident response team providing troubleshooting, analysis and forensics when needed.
• Review solutions, recommendations, and risk documentations to minimize risk of implementation of recommended products, applications, and infrastructure
• Stay current on IT security trends, news, and standards. What you bring to the team
• Self-motivated, energetic individual who is passionate and outcome focused with the ability to learn with a strong work ethic and adapt quickly to changing environments and priorities.
• Bachelor's degree in related area and / or equivalent experience / training.
• Interpersonal skills sufficient to work effectively with both technical and non-technical personnel at various levels in the organization.
• Solid understanding of security fundamentals as they pertain to Cloud and Public Sector compliance
• Experience using IT security systems and tools including SIEM (SumoLogic, ELK, Splunk, LogRythm, etc.), EDR and Anti-Malware technology and platforms
• Experience with threat model, network security, cryptography, authentication, authorization and RBAC
• Solid understanding and experience with securing public cloud deployments and distributed systems using public cloud hosting, including AWS, Azure, and GCP.
• Knowledge of data encryption techniques.
• Knowledge of DevOps, SecOps and incident management functions and their roles in IT security.
• Knowledge of scripts and languages such as Bash/PowerShell/Python/Go
• Experience working in highly regulated environments that need to meet and maintain SOC 2, PCI, HITRUST, NIST 800-53, ISO 27000 series compliance requirements
• Excellent computer proficiency including JIRA, Salesforce, and MS Office - Word, Excel, Outlook, SharePoint
• Experience with security testing tools (Qualys, Nikto, Burp suite, Appscan, WebInspector, SQLMAP, Kali, etc.)
• Understanding of application security patterns including web application security (OWASP top 10, XSS, injection vulnerabilities, CSRF, platform security hardening), and mobile security (device fingerprinting, Mobile authentication, and key exchange) strategies.
• Knowledge of how to execute security testing (SAST, DAST and SCA) implemented via a CI/CD pipeline.
• Should have 5+ years of experience with cybersecurity, the RMF process and the NIST 800-53 security controls, the Federal and/or DoD
• Ability to assist in coding of custom automations of security tasks is a plus
• Ideally an industry recognized certification: AWS Security, Azure Security, SSCP, Security+, CISA, CCSK, CEH or alternative.Our Company
Hitachi Vantara is part of the Global Hitachi family. We balance innovation with an open, friendly culture and the backing of a long-established parent company, known for its ethical reputation. We guide customers from what's now to what's next by unlocking the value of their data and applications to solve their digital challenges, achieving outcomes that benefit both business and society.
Our people are our biggest asset, they drive our innovation advantage and we strive to offer a flexible and collaborative workplace where they can thrive. Diversity of thought is welcomed and our employee base is represented by several active Employee Resource Group communities. We offer industry leading benefits packages (flexible working, generous pension and private healthcare) and promote a creative and inclusive culture. If driving real change gives you a sense of pride and you are passionate about powering social good, we'd love to hear from you.Our Values
We strive to create an inclusive environment for all and are open to considering home working, compressed/flexible hours and flexible arrangements. Get in touch with us to explore how we might be able to accommodate your specific needs.
We are proud to say we are an equal opportunity employer and welcome all applicants for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status. With Japanese roots going back over 100 years, our culture is founded on the values of our parent company expressed as the Hitachi Spirit:
Wa - Harmony, Trust, Respect
Makoto - Sincerity, Fairness, Honesty, Integrity
Kaitakusha-Seishin - Pioneering Spirit, Challenge