Job Description
As a member of 6sense’s Security department, the Security Operations and Threat Management team protects 6sense through prevention, detection, investigation, and response to business-impacting security events, incidents, and threats Execute on milestones for end-to-end SecOps & Threat initiatives in accordance with the Security roadmap Identify and respond to complex security incidents, including system compromise, intrusion attempts, and/or denial of service attacks by conducting continuous monitoring, vulnerability assessments, and log analysis Engage vendors, Infrastructure, IT, GRC, Cloud, and Application Security teams as required to validate alerts, ensure incident resolution, and perform root cause analysis Research emerging threats, publicly disclosed vulnerabilities or attack vectors, and proactively push mitigating controls to products and services Perform security forensics Build security tools and advanced automation that enable the 6sense Security Team to operate at speed and scale Propose, plan, lead, and execute threat exercises based on current security trends, advisories, publications, and academic research Mentor engineers across Information Security to drive security controls and risk remediation Communicate risks and mitigations across multiple audiences with varying levels of sensitivity Execute on quarterly individual Key Results that support team Objectives (OKRs) Performance Measurement: Maintains up-to-date knowledge of 6sense’s product, environment, systems, and architecture Actively prepares for weekly 1:1s with Manager and monthly skip levels Takes part in the Security Operations on-call rotation Mitigates security exposures Drives incidents to closure within established SLAs Participates in creation of milestones associated with major security projects Executes on milestones associated with major security projects Develops and maintains up-to-date handbook pages, runbooks, workflows, and dashboards Provides project status updates on a weekly basis Benefits Health & Wellness: Parental Leave, Wellness Days Off, Quarterly Wellness Speakers, Wellness Challenges Giving Back: Giving Fridays Rotating Charity Support, 6sense Gives Back Programs, Month of Service Social Well Being: Flexible Time Off, HUB Working Model, WeWork Access Professional Development: LinkedIn Learning Courses, WFH Stipend, Revenue Certifications, Management Training- Experience with security tools and cloud environments (e.g., Vulnerability Scanners, SIEM, SOAR, AWS) Experience with industry frameworks, regulations, and standards, such as: MITRE ATT&CK, STRIDE, PASTA, ISO 27001, SOC 2, GDPR, PCI, SOX, NIST, etc 5+ years of experience being part of a Security Operations or similar team 3+ years of experience developing automation 2+ years of experience conducting adversary emulation exercises Bachelor’s degree in a related field Relevant industry certifications, such as CISSP, CISM, or GIAC, are highly desirable