Senior SOC Engineer
Upgrade is a fintech unicorn founded in 2017. We are the fastest-growing company in the Americas (Financial Times). In the last five years, over 15 million people have applied for an Upgrade card or loan, and we have delivered over $10 billion in affordable and responsible credit. Our innovative Upgrade Card is the fastest growing credit card in America (Nilson Report). Combining the flexibility of a credit card with the low cost of an installment loan helps us redefine banking.
Upgrade has been named a “Best Place to Work in the Bay Area” three years in a row, one of the “Top Companies to work for in Arizona”, “Best Engineering Team”, and we have received awards for being a best company for Diversity, Women, Culture, and Veterans.
We are looking for new team members who get excited about designing and delivering new and better products to join a team of 1300 talented and passionate professionals. Come join us if you like to tackle big problems and make a meaningful difference in people's lives.
This is a remote position based in the United States.
What You'll Do:
- Enable a growing SOC to extend its threat detection capabilities day to day
- Document and escalate incidents that may cause ongoing and immediate impact to the environment
- Determine tactics, techniques, and procedures (TTPs) for security tools
- Mentor other SOC Analysts as needed as the team grows
- Support the SOC Lead with roadmapping new security initiatives the team should be tackling
- Apply MITRE ATT&CK and NIST evolving standards
- Apply knowledge of the Cyber Kill Chain framework to extend the SOC's understanding of adversary TTPs
- Work a rotating shift and on-call schedule as required
What We Look For:
- 5+ years of relevant experience.
- Experience with multiple SIEM solutions (Sumo Logic, Splunk, QRadar).
- Experience with SIEM content engineering.
- Experience creating runbooks/playbooks.
- Experience interfacing with APIs and automating security processes.
- Experience utilizing a major scripting language to automate security tasks and create tooling that enables security teams.
- Experience with Cloud Security.
Strong Plus:
- SIEM vendor certifications.
- General security tooling certifications.
- Experience with Terraform.
- Experience with Threat Hunting, Bot Mitigation, and Credential Stuffing.
- Experience with Endpoint Detection & Response (EDR).
- Experience with Akamai.
- Experience securing Kubernetes environments.