team lead security operations jobs



Reporting to the VP Security you will lead a small team of security engineers to look after daily SecOps tasks and blue team activities. 
 
What does this mean in practice? Your team will be responsible for monitoring and maintaining our SOC/SIEM, responding to security incidents, managing access to sensitive platforms, configuring VPNs, working with technical teams to remediate vulnerabilities and much more. 
 
This is a technical hands-on role that will require the deployment of impactful security measures and solutions as well as growing a small team and delivering security best practices. 
 
Although a remote role (Time Zone +/- 3 GMT), occasional travel to Spain and the UK is required. 
 
We are looking for a highly motivated senior security engineer with in-depth experience in general technical security administration and blue team response. 
Experience with cloud technologies is necessary for this role. Scripting or Pentesting knowledge is desired but not required. 
 
Personal Traits 
 
This is a hugely exciting time to be joining the Ebury and to lead a small team that is one of the key pillars of the security team. As a team focused engineer with fluency in English this is the opportunity to shape security for Ebury. 
 
So if you have a knack for solving problems, motivating others around you and the ability to design pragmatic security solutions then this is the opportunity for you. 

Ideally, we are looking for someone that has: 

  • Experience with cloud-native secure network systems (e.g WAF, Cloud-NAT firewalls, NACLs,...) 
  • The ability to propose and develop pragmatic security solutions to business needs 
  • Preferably some scripting experience (Python, Bash,...). Although not essential 
  • Experience with cloud-native security services such as GuardDuty, WAF, Firewall Manager, SecurityHub etc. 
  • Blue Team knowledge such as incident response and familiarity with SIEM tools or internal SOC operation. This includes configuring log ingest and correlation, alert rule configuration, response integration/automation and reporting. 
  • Ability to engage a variety of stakeholders and drive security across the company 
  • Good understanding of technical security risks and attack vectors 
  • Comfortable working in a fast-paced environment on an Agile basis