Security Operations Engineer II - Provo

At Qualtrics, we create software the world's best brands use to deliver exceptional frontline experiences, build high-performing teams, and design products people love. But we are more than a platform-we are the creators and stewards of the Experience Management category serving over 18K clients globally. Building a category takes grit, determination, and a disdain for convention-but most of all it requires close-knit, high-functioning teams with an unwavering dedication to serving our customers.

When you join one of our teams, you'll be part of a nimble group that's empowered to set aggressive goals and move fast to achieve them. Strategic risks are encouraged and complex problems are solved together, by passing the mic and iterating until the best solution comes to light. You won't have to look to find growth opportunities-ready or not, they'll find you. From retail to government to healthcare, we're on a mission to bring humanity, connection, and empathy back to business. Join over 5,000 people across the globe who think that's work worth doing.

Security Operations Engineer II - Provo

Why We Have This Role

Qualtrics is growing exponentially and that growth means constantly finding and eradicating threats to our systems. We must continuously evaluate how we secure systems, identify potential threats, and implement alerts and tooling necessary that will help us maintain a strong security posture at scale. We are looking for an experienced engineer to join our security operations center / incident response team who can work with others across the organization, react to alerts, hunt for threats, respond to incidents, and create and implement technical solutions that improve our ability to identify, stop, and eliminate potential threats.

How You'll Find Success

Ability to respond to emergency calls during non-business hours, as needed.

Possess the ability to react quickly, decisively, and deliberately.

Excellent verbal and written communication skills.

Proactive, self-managed, and able to interface well with interdisciplinary teams across the organization, including executive leadership.

Your natural curiosity of discovering the unknown drives your success.

How You'll Grow

You'll increase your technical expertise by operating a wide range of technologies to solve modern security problems in a fast paced SaaS Environment.

You'll improve your security expertise by responding to real-world security threats across the Qualtrics enterprise and application.

You'll learn to reduce security risks by collaboratively partnering with a globally distributed team.

You'll gain expertise around the Qualtrics XM Platform.

Things You'll Do

Performs Level 2 / 3 SOC / IR and shift lead duties as a part of a 24 / 7 security incident watch team in a multi-timezone follow-the-sun rotation.

Provides leadership, mentoring, and training to SOC / IR team personnel and to other Qualtrics stakeholders and the Qualtrics Information Security Team.

Provides onboarding training and coaching for junior SOC / IR Engineers.

Performs network and endpoint forensics to establish attack scope and root cause analyses.

Ensures communication and escalation of security activities to leadership.

Performs additional analysis of escalations from SOC engineers and conducts incident review.

Leads development of workflow automation to lower response time and eliminate lengthy response times

Develop and improve attack remediation strategies, incident handling processes, standard operating procedures, playbooks, and automations.

Identifies alerting gaps and develops strategies to increase threat detection coverage.

Support FedRamp, ISO27001, SOC, HITRUST, and other audit activities for security operations and incident response.

What We're Looking For On Your Resume

Minimum of a BS degree, preferably in IT Engineering, Computer Science, or any other IT-related field of study.

3-5 years of experience in the Information Security field.

2-5 years of prior SOC and / or Incident Response experience.

Experience performing analysis utilizing IDS / AV / Firewall consoles.

Experience performing analysis using EDR technologies.

Experience with cloud computing and AWS services.

Experience with Multiple Operating Systems with a System Administrator level skill set on MacOS and Linux.

Strong understanding of networking and associated protocols.

Development skills including scripting (e.g. Python, shell scripting).

Experience with MITRE ATT&CK and Cyber Kill Chain, including Tactics, Techniques, and Procedures (TTPs).

Knowledge of STIX / TAXII, SIGMA, DISA STIGs.

In Qualtrics SOC, all team members know how to code - we don't have pure "Security Analyst" positions. We believe that through automation we can detect and respond to threats better than typical SOCs.

What You Should Know About This Team

Innovation at Our Core : Our Security Engineering team embraces change and thrives on solving complex challenges. We value experimentation, continuous learning, and push the boundaries of conventional security practices.

Collaborative Environment : We believe in the power of teamwork and foster open communication across the team and the wider organization. Your ideas will be heard, and your collaboration will be essential.

Data-Driven Approach : We rely on data-driven insights to inform our security strategies, measure effectiveness, and continuously improve our posture.

Growth Mindset : We are committed to your professional development. You'll have opportunities to expand your expertise, contribute to high-visibility projects, and advance your career in cybersecurity.

Joining our team means stepping into a role that's vital, challenging, and deeply linked to Qualtrics' aim of reshaping industries by harnessing the power of Experience Management and AI.

Our Team's Favorite Perks and Benefits

Work life integration is deeply important to us - we have frequent office events, team outings, and happy hours

We take pride in our offices design aiming at cultivating creativity from our rooftop views to an open and collaborative work space

On top of the standard benefits package (medical, dental, vision, life insurance, etc) we provide snacks, drinks, and free lunches in our office

The Qualtrics Hybrid Work Model : Our hybrid work model is elegantly simple : we all gather in the office three days a week; Mondays and Thursdays, plus one day selected by your organizational leader. These purposeful in-person days in thoughtfully designed offices help us do our best work and harness the power of collaboration and innovation. For the rest of the week, work where you want, owning the integration of work and life.

Qualtrics is an equal opportunity employer meaning that all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other protected characteristic.

• ??????? Applicants in the United States of America have rights under Federal Employment Laws : Family & Medical Leave Act () , Equal Opportunity Employment () , Employee Polygraph Protection Act ()

Qualtrics is committed to the inclusion of all qualified individuals. As part of this commitment, Qualtrics will ensure that persons with disabilities are provided with reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and / or to receive other benefits and privileges of employment, please let your Qualtrics contact / recruiter know.

Not finding a role that's the right fit for now? Qualtrics Insiders is the one-stop shop for all things Qualtrics Life. Sign up for exclusive access to content created with you in mind and get the scoop on what we have going on at Qualtrics - upcoming events, behind the scenes stories from the team, interview tips, hot jobs, and more. No spam - we promise! You'll hear from us two times a month max with fresh, totally tailored info - so be sure to stay connected as you explore your best role and company fit.