Senior Staff Engineer - Cybersecurity Operations

SUMMARY / JOB PURPOSE :

Join our highly skilled and rapidly growing cybersecurity team as a Senior Staff Engineer. In this role, you will be at the forefront of our cybersecurity operations, focusing on threat detection, incident response, and continuous monitoring to protect our organization's critical assets. This highly skilled individual will also work closely with product owners and business units outside Information Security to ensure that all applications, systems, and processes are secured and hardened.

The Sr. Staff Engineer - Cybersecurity, implements, manages, and improves secure technology solutions for the organization's information systems. The role will develop and implement advanced threat detection and response strategies, conduct proactive threat hunting, and continuously evolve cybersecurity tools to mitigate, prevent, or detect new attacks. Collaborating with cross-functional teams, you'll enhance the organization's cybersecurity posture and ensure compliance with industry standards. Additionally, you'll maintain and improve SOC tools and processes, mentor junior analysts, and prepare detailed incident reports and recommendations for senior management.

ESSENTIAL DUTIES AND RESPONSIBILITIES :

• Oversee the end-to-end threat management process, from initial detection and analysis to containment, eradication, and recovery. Ensure that all incidents are thoroughly investigated and documented, and that lessons learned are incorporated into future threat management strategies.
• Lead and coordinate incident response efforts with different groups, ensuring timely and effective resolution of cybersecurity incidents.
• Develop and maintain incident response plans and playbooks to guide the team during cybersecurity events.
• Regularly assess the effectiveness of detection mechanisms and make necessary adjustments to improve accuracy and coverage. This includes conducting regular threat hunting exercises to identify gaps and areas for improvement.
• Create and refine correlation rules within the SIEM to identify complex attack patterns and reduce false positives. This involves analyzing cybersecurity events and developing rules that accurately detect malicious activities.
• Incorporating threat intelligence feeds into the team's detection capabilities to stay updated on the latest threats and attack techniques. Use this intelligence to enhance detection rules and response strategies.
• Utilize machine learning and behavioral analytics to identify anomalies and potential threats that traditional signature-based tools might miss. This includes analyzing user behaviors and network traffic to detect suspicious activities.
• Regularly review and fine-tune the configurations of current cybersecurity tools such as SIEM, EDR, and IDS / IPS to ensure they are effectively detecting and alerting on potential threats.
• Conduct and analyze phishing simulations to assess and improve the organization's resilience against phishing attacks. Develop training and awareness programs based on the results to educate employees on recognizing and responding to phishing attempts.
• Work with various log sources and data feeds to enhance the visibility and detection capabilities of the team. This includes integrating logs from network devices, servers, applications, and cloud environments.
• Responsible for creating and maintaining playbooks to standardize and automate threat response procedures. This includes developing automated workflows to streamline incident response, reduce response times, and improve the overall efficiency and effectiveness of the cybersecurity operations team.
• Stay current with the latest threat landscape and emerging trends in cybersecurity to proactively identify and mitigate potential cybersecurity risks.
• Contribute to the overall information cybersecurity strategy.

SUPERVISORY RESPONSIBILITIES :

EDUCATION / EXPERIENCE / KNOWLEDGE & SKILLS :

Education :

Experience :

Knowledge / Skills / Abilities :

WORKING CONDITIONS :

#LI-EZ1

If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!

Our compensation reflects the cost of labor across severalU.S. geographic markets, and we pay differently based on those defined markets. The base pay range for this positionis $150,000 - $213,000 annually. The base pay range may take into account the candidate's geographic region, which will adjust the pay depending on the specific work location. The base pay offered will take into account the candidate's geographic region, job-related knowledge, skills, experience and internal equity, among other factors.

In addition to the base salary, as part of our Total Rewards program, Exelixis offers comprehensive employee benefits package, including a 401k plan with generous company contributions, group medical, dental and vision coverage, life and disability insurance, and flexible spending accounts. Employees are also eligible for a discretionary annual bonus program, or if field sales staff, a sales-based incentive plan. Exelixis also offers employees the opportunity to purchase company stock, and receive long-term incentives, 15 accrued vacation days in their first year, 17 paid holidays including a company-wide winter shutdown in December, and up to 10 sick days throughout the calendar year.

DISCLAIMER

The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to the job.

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.