Natera
Cybersecurity Lead, Incident Response & SOC
Natera, San Carlos, California, United States, 94070
The Senior Information Security Engineer is a hands-on leader who is accountable and responsible for continuous monitoring and appropriate response to all Information Security vulnerabilities and incidents (potential and actual) at Natera, including detection, response and recovery from these Information Security Incidents.

Primary Responsibilities:
- Define, scale and streamline InfoSec incident response and vulnerability management capabilities for improved effectiveness and efficiency.
- Drive continuous improvement in the proactive management of vulnerabilities and potential security incidents, including vulnerability scanning, threat hunting, and identifying and acting on anomalous activity, through improvements in processes, tools and techniques.
- Lead and perform end-to-end incident response for all types of security events, including collaboration with the external SOC and law enforcement as needed.
- Manage the day-to-day operation of the vulnerability management program, including vulnerability scanning, testing and reporting, and work with stakeholders as necessary to develop vulnerability remediation strategies.
- Perform detailed analysis and risk evaluation of vulnerabilities, attack vectors, attack surfaces and detection avoidance tactics.
- Constantly strive to improve earlier detection, response and recovery operations by conducting lessons learned exercises and communicating with Senior Management in IT and the business.
- Ensure appropriate evidence handling and chain of custody for security incidents.
- Develop and enhance incident and vulnerability management dashboards in the SIEM and other tools in order to report regularly on Vulnerability Risk and Security Incidents on an ongoing basis.
- Monitor external event sources for emerging vulnerabilities, threats and attack scenarios, and influence and assist the other Information Security, Engineering and IT teams in building appropriate controls to combat these threats.
- Collaborate with external Threat Intelligence sources to stay ahead of threats before they can impact Natera.
- Establish and maintain excellent working relationships and partnerships with the broader IT organization and business units.

Qualifications:
- B.S. in Computer Science or a related field, or equivalent experience.
- Minimum of 5 years of related experience, including a minimum of 3+ years of specific experience with large enterprise information security operations technologies, tools and processes.
- Current industry certifications preferred: PNSE, CEH, Security+, CCNA/CCNP, CISSP, etc.

Knowledge, Skills, and Abilities:
- Excellent written and verbal communication skills; ability to convey security concepts to non-technical audiences (e.g. senior and executive management, internal customers).
- Ability to act as a Business Systems Analyst and to clearly articulate and elicit business requirements and use cases in a technology-agnostic manner.
- Recent experience with the AWS and Google security stack.
- Knowledge of operating systems (UNIX/Linux, MacOS X and Windows) and of database management systems (Oracle, SQL Server, etc.).
- Experience with Security Information and Event Management (SIEM) and log aggregation systems.
- Experience with security vulnerability management tools.
- Experience with virtualization and cloud-based (AWS, Azure) networks.
- Capable of performing network forensics and able to read packet captures.
- Experience with both open source and COTS security monitoring and incident response tools.
- Excellent hands-on capability in AI, agent-based SecOps, and scripting/automation to build and run next-generation SecOps and IR.