Job Summary

The BlackLine Information Security Operations team provides critical technical security protections for both internal and external customers. As part of the larger InfoSec team, the cloud security engineer will split his or her time between design, develop, and deliver new solutions to innovatively solve tough security problems; and at the same time will spend time in a dynamic detection and response team serving to provide incident response capabilities protecting our global footprint. The role includes deep threat analysis, design and delivery of solutions and tuning purpose-built security tools and services. This employee will be responsible for the daily operation and management of two or more security technical controls to protect customers and their data.

Roles and Responsibility (list in order of importance)

• Participate in a 24/7 global operation that looks for and responds to security events on BlackLine networks, especially those on our multicloud footprint.
• Perform investigations on a wide variety of events from various sources to determine whether they pose a threat.
• Participate in resolving large-scale security incidents.
• Work with teams from around BlackLine to discover new detection capabilities and logging sources.

• Assist in design of security tools and drive its implementation to protect BlackLine networks and systems.
• Provide security expertise and guidance to a diverse set of BlackLine engineering and business teams.
• Conduct security reviews of core corporate and production infrastructure, systems, and tools.
• Drive enterprise focused security improvements to BlackLine systems and services.
• Build security tools and processes using Python for critical infrastructure protection, monitoring and remediation.
• Execute technical and process changes required to adopt, maintain, and adjust InfoSec controls as required to manage the company's risks and align with industry best practices
• Operate/maintain/improve security tools and capabilities using industry best practice and standards
• Execute network and device security strategy in conjunction with technical leadership and guidance from senior team members
• Work with peers in other internal groups to drive technical security risk down in targeted areas.
• Take end-to-end ownership of one or more security tools and metrics, driving risk down actively across BlackLine's global footprint

Required Qualifications

Years of Experience in Related Field: 1-3 yrs

Education: Bachelor's degree

Technical/Specialized Knowledge, Skills, and Abilities:

• Bachelor's degree in Computer Science or a related technical field, or equivalent practical experience.
• 1-5 years of relevant industry experience in security, with 1 or more years experience in infrastructure or operations in another technical department.
• Coding experience in one or more scripting or command line languages.
• Experience with attacks and mitigation methods, with experience working in two or more of the following: Network protocols and secure network design; Operating system internals and hardening (e.g. Windows, Linux, OS X, Android); Web application and browser security; Security assessments and penetration testing; Authentication and access control; Applied cryptography and security protocols; Security monitoring and intrusion detection, Incident response and forensics; Development of security tools, automation or frameworks.
• Working understanding of command line navigation in both MS and 'nix style operating systems
• Familiarity with different families of technical security controls and tools
• Demonstrated ability to understand systems architecture, data flows, and to make recommendations on risk
• Ability to learn and operate independently
• Problem solving ability and clear communication skills
• Operate with some supervision, and demonstrate taking initiative in one or more security program(s)

Preferred Qualifications

• At least 2 years working in cloud, mobile, database administration or network infrastructure prior to coming to security
• CISSP, CISA or other information security associated certification
• CHFI
• Masters, Electrical Engineering or Computer Systems
• GCIH is recommended
• Hands-on experience with logging/monitoring/alerting tools