Senior Security Engineer - 🔵 Blue Team

Remote

Raya is a technology company that operates an exclusive, membership-based social network, comprising two primary applications. The Raya application facilitates social networking, emphasizing connections among individuals within creative industries, and requires a selective application process. Raya App, Inc., also offers "Places," a travel application that provides curated destination recommendations. Both applications underscore the company's focus on fostering private online communities and upholding values such as trust, respect, and privacy.
We are seeking a highly skilled and experienced Blue Team Lead Security Engineer to join our dynamic cybersecurity team. In this role, you will be a key player in safeguarding our organization's assets by leading and enhancing our defensive security capabilities. You will be responsible for proactively identifying, analyzing, and mitigating security threats, as well as mentoring and guiding other security team members. The ideal candidate possesses a deep understanding of security principles, advanced technical expertise, and a passion for staying ahead of the ever-evolving threat landscape.
We offer comprehensive medical and dental coverage, a $50-a-day food delivery budget, equity-based employment, a great culture, learning opportunities, unlimited vacation, and 12 weeks of paid parental leave. We also pay all employees $1,000 a year to go somewhere in the world that they’ve never been, because of our values of human connection, empathy, and curiosity.

Responsibilities

  • Security Monitoring and Incident Response:
      • Lead real-time security monitoring efforts, including analyzing logs and providing incident response coverage and support.
      • Triage and investigate security alerts, identify root causes, and implement effective containment and remediation strategies.
      • Develop and maintain incident response plans and procedures.

  • Threat Detection and Rule Writing:
      • Design, develop, and implement threat detection rules and alerts to identify malicious activity.
      • Continuously improve detection capabilities based on emerging threats and vulnerabilities.
      • Optimize security tools and technologies for efficient and effective threat detection.

  • Incident Visibility and Response:
      • Increase signal fidelity and reduce false positives in our Security Information and Event Management (SIEM) system.
      • Develop and implement strategies to improve the quality and relevance of security data within the SIEM.
      • Customize and configure the SIEM to meet specific security needs and objectives.

  • Threat Intelligence Integration:
      • Integrate and operationalize threat intelligence feeds to enhance detection and prevention capabilities.
      • Analyze threat intelligence reports to identify relevant threats and vulnerabilities.
      • Develop and implement proactive measures to defend against known and emerging threats.

  • Security Systems Development:
      • Create and implement systems and processes to improve event analysis and correlation (e.g., leveraging AI, machine learning, and automation).
      • Develop tools and scripts to automate security tasks and improve efficiency.
      • Evaluate and recommend new security technologies and solutions.

  • Security Scanning and Vulnerability Management:
      • Create, configure, and manage security scanners for vulnerability assessments and penetration testing.
      • Conduct regular vulnerability scans and analyze results to identify security weaknesses.
      • Prioritize and track vulnerabilities, and work with relevant teams to ensure timely remediation.

  • Threat Hunting:
      • Conduct proactive threat hunting activities to identify and investigate potential security threats that may evade traditional detection methods.
      • Develop and utilize threat hunting methodologies and techniques.
      • Analyze network traffic, system logs, and other data sources to uncover malicious activity.

  • Vulnerability and Security Scanning:
      • Perform regular vulnerability scanning of systems and applications.
      • Conduct security assessments to identify potential weaknesses.
      • Work with development and operations teams to remediate identified vulnerabilities.

  • Mentorship and Leadership:
      • Provide technical leadership, guidance, and mentorship to junior security engineers and analysts.
      • Foster a collaborative and knowledge-sharing environment within the security team.
      • Contribute to the development of security best practices, policies, and procedures.

Qualifications

  • 5+ years of experience in a cybersecurity role, with a focus on blue team operations.
  • Strong understanding of security principles, frameworks, and best practices (e.g., MITRE ATT&CK, NIST Cybersecurity Framework).
  • Extensive experience with security tools and technologies, including SIEM systems, intrusion detection/prevention systems (IDS/IPS), endpoint detection and response (EDR) solutions, vulnerability scanners, and log management tools.
  • Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for automation and tool development.
  • Experience with threat intelligence platforms and sources.
  • Strong analytical, problem-solving, and troubleshooting skills.
  • Excellent communication and interpersonal skills.
  • Ability to work independently and as part of a team.

Preferred Qualifications

  • Experience with cloud security (e.g., AWS, Azure, GCP).
  • Knowledge of AI/ML concepts and their application to security.
  • Experience with DevSecOps practices.
  • Relevant security certifications (e.g., CISSP, GCIH, GCIA, CEH) are highly desirable.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Tags: Automation AWS Azure Bash Blue team CEH CISSP Cloud DevSecOps EDR GCIA GCIH GCP IDS Incident response Intrusion detection IPS Machine Learning MITRE ATT&CK Monitoring NIST Pentesting PowerShell Privacy Python Scripting Security assessment SIEM Threat detection Threat intelligence Vulnerabilities Vulnerability management Vulnerability scans

Perks/benefits: Career development Health care Medical leave Parental leave Travel Unlimited paid time off

Region: Remote/Anywhere
