Security Engineer

Veeva Systems is a mission-driven organization and pioneer in industry cloud, helping life sciences companies bring therapies to patients faster. As one of the fastest-growing SaaS companies in history, we surpassed $2B in revenue in our last fiscal year with extensive growth potential ahead.
At the heart of Veeva are our values: Do the Right Thing, Customer Success, Employee Success, and Speed. We're not just any public company – we made history in 2021 by becoming a public benefit corporation (PBC), legally bound to balancing the interests of customers, employees, society, and investors.
As a Work Anywhere company, we support your flexibility to work from home or in the office, so you can thrive in your ideal environment.
Join us in transforming the life sciences industry, committed to making a positive impact on its customers, employees, and communities.
The Role
This role requires an experienced Security Engineer to bolster the security operations team's incident response, automation, and vulnerability management processes. This engineer will be expected to aid in streamlining incident response playbooks, have extensive knowledge of AWS architecture, and craft/tune SIEM rules to align with certain specific anomalous behaviors. This role will be an on-call position in a team rotation.

What You’ll Do

• Serve in an incident response capacity: triage alerts, analyze behaviors, coordinate with stakeholders, and execute containment actions to mitigate threat activity to the network
• Craft and tune alerts to minimize false positive rates and indicate specific adversarial behavior
• Develop playbooks to automate various processes such as threat intel IOC ingestion, IOC database integration with other security tools, incident response scripts, and logging queries
• Vulnerability management refinement to include automation of ticket dissemination or closure and crafting specific policies and alerts for specified cyber terrain
• Maintain excellent awareness of the status of all on-prem and cloud devices’ reporting capabilities to the overarching tool suite, and take prompt action to ensure proper functionality and health of the tools
• Collaborate with various stakeholders to identify gaps and pitfalls in security issues
• Engage in security exercises and purple team events based upon gathered threat intelligence and relevant actors to simulate and understand the true risk to business operations
• Develop and maintain relevant performance metrics in incidents and vulnerabilities to influence decisions at higher leadership levels

Requirements

• 4+ years’ experience as a Security Engineer or equivalent
• Significant experience in setting up and maintaining AWS infrastructure
• Significant experience in automation languages in the context of incident response
• Strong experience in evaluating and assessing a vulnerability severity level based on a variety of internal and external factors surrounding it
• Strong communication skills with tactical personnel and senior-level leadership
• Strong understanding of various methods to address vulnerabilities
• Strong experience in coordinating with various teams’ solutions to manage and prioritize vulnerability remediation
• Extensive experience in vulnerability management-related tools
• Extensive skills in developing, tuning, and crafting specific behavioral alerts that are tailored to unique and relevant cyber threats
• Extensive background in the incident response life-cycle and engaging in decision-making processes to take actions that align with company's best interests
• Complex problem-solving skills with the ability to work with minimal supervision
• Legally eligible to work in the United States

Nice to Have

• Strong familiarity with Atlassian products
• Strong familiarity with the python automation language
• Strong knowledge of governing regulations such as HIPAA, GDPR, ISO 27001, and SOC 2 compliance standards
• Exceptional skill in excel data transformations, pivot table creation, and gathering key statistical insights
• Good understanding of attack surface management principles
• Good familiarity in automating scanning results to different reporting media (excel sheets, Jira, etc)

Perks & Benefits

• Medical, dental, vision, and basic life insurance
• Flexible PTO and company paid holidays
• Retirement programs
• 1% charitable giving program

Compensation

• Base pay: $90,000 - $125,000
• The salary range listed here has been provided to comply with local regulations and represents a potential base salary range for this role. Please note that actual salaries may vary within the range above or below, depending on experience and location. We look at compensation for each individual and base our offer on your unique qualifications, experience, and expected contributions. This position may also be eligible for other types of compensation in addition to base salary, such as variable bonus and/or stock bonus.

#LI-RemoteUS
Veeva’s headquarters is located in the San Francisco Bay Area with offices in more than 15 countries around the world.
Veeva is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity or expression, religion, national origin or ancestry, age, disability, marital status, pregnancy, protected veteran status, protected genetic information, political affiliation, or any other characteristics protected by local laws, regulations, or ordinances. If you need assistance or accommodation due to a disability or special need when applying for a role or in our recruitment process, please contact us at talent_accommodations@veeva.com.