Lead Security Engineer

2 days ago


San Francisco, United States ADP Full time

ADP is hiring a Lead Security Engineer

Do you have a passion for going on the offensive to safeguard critical information? Well, this may be the role for you. Ready to make your mark?

In this role, the Lead Security Engineer will be responsible for the design, development, enhancement, and maintenance of the Threat Intelligence Program’s Platform Operations, Automation, and Integrations. The Lead Engineer will demonstrate the ability to perform in a fast-paced team, technical expertise, and leadership in threat intelligence, application development, brand protection, and data analysis.

You will work alongside infrastructure security engineers, threat intelligence analysts, threat hunters, and the security operations team to help improve our current automation processes and future integrations. You will work with various intelligence collection, reporting tools, and frameworks to automate the processes, develop playbooks, and/or integrate processes with other platforms. You will review documentation, develop plans, catalog and document processes, communicate with stakeholders and application support teams, follow up on requests, and improve processes.

To thrive in this position, you'll need to be an expert in application development, API integration, automation processes, understand the Threat Intelligence Lifecycle, and know how threat intelligence products and services work. You'll also need experience working with structured and unstructured data and be great at maintaining situational awareness. You know how to work with the Security Operations team to create the most value and identify gaps in available intelligence information and engage with leadership on strategies to meet intelligence requirements through intelligence collection processes.

RESPONSIBILITIES:

  • Develop Indicator Enhancement/Enrichment Playbook for the Threat Intelligence Platform (TIP).
  • Collect and ingest data from various sources to the TIP.
  • Develop systems integration between multiple Threat Intelligence Source APIs and the TIP to ingest indicators of compromise.
  • Develop threat intelligence data dashboards, based on various tagging and indicator types along with their threat severity and confidence levels.
  • Develop and maintain API connections with various security stack solutions.
  • Understand and maintain the API that enables the system integration between Apache NiFi and the indicators database (mirror of the Threat Intelligence Platform Database).
  • Develop and maintain threat intelligence system to gather IOC data from multiple external threat intelligence feeds.
  • Collect, review, and analyze internal, open source, and dark web datasets to integrate with TIP and other security monitoring solutions.
  • Apply knowledge of current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks.
  • Provide accurate and priority-driven analysis on cyber activity/threats and present complex operational/technical topics to senior managers and stakeholders.
  • Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the organization, as well as different business segments.
  • Ability to develop processes, scripts, and code in a quick manner to support current operations and to improve automation processes.
  • Ability to work in a fast-paced environment with minimal supervision.
  • Collect, analyze, investigate, store, and disseminate threat intelligence (actors, campaigns, TTPs, IOAs, IOCs).
  • Conduct detailed technical analysis supported by industry-accepted threat intelligence analytical frameworks, tools, and standards.
  • Create and evaluate trend/correlation analysis for scenario forecasting at both the tactical and operational levels.
  • Develop and refine cyber-threat intelligence collection and analysis processes.
  • Generate presentations that illustrate research through visualizations, charts, graphs, infographics, and evidence capture for senior leadership.
  • Provide input for developing objectives, key results, and program metrics.
  • Exhibit strong critical thinking and problem-solving skills with sound judgment.
  • Maintain or develop professional contacts in the various communities to support operations.
  • Support the Critical Incident Response Center (CIRC)/SOC with intelligence collection, analysis, and/or dissemination as it relates to ongoing investigations.

QUALIFICATIONS REQUIRED:

  • Excellent communications skills and report-writing capability.
  • Firm understanding and implementation of Software Development Life Cycle (SDLC) processes and executions.
  • Firm understanding of programming languages: Python, Perl, PHP, Java, .NET, and C.
  • Good understanding of jQuery/JavaScript web client applications.
  • Firm understanding of database infrastructure development and management (PostgreSQL, MySQL, etc.) and NoSQL (MongoDB, DocumentDB, Elasticsearch, etc.) databases.
  • Firm understanding of STIX/TAXII formats and integration with security stack.
  • 8+ years of cybersecurity, threat intelligence, or network security experience.
  • Firm understanding of network security concepts, including threat and risk analysis, security event/incident monitoring, asset and risk management, and intrusion detection and prevention sensors.
  • Experienced configuring both Windows and Linux networks.
  • Prior experience as a technical cyber threat intelligence (or related) subject matter expert.
  • A strong understanding of the cyber security principles, methodologies and best practices.
  • A strong understanding of the Threat Intelligence terminology and life cycle.
  • Familiar with Threat Intelligence tools, platforms, and technologies.
  • Experience writing code in any programming language (Python knowledge desirable) for tasks automation and data manipulation.
  • Knowledge about network protocols, log analysis and simple data structures (JSON, YAML, CSV, XML, Parquet, etc.).
  • Proficiency developing and orchestrating automations for threat intelligence life cycle.

A college degree is great but not required. What's more important is having the skills and experience to do the job.

WHAT YOU'LL DO:

Here's what you can expect on a typical day in the life of a Lead Security Engineer at ADP:

  • Working in two-week sprints, you must keep up with timelines and coding standards.
  • Variety of work. There is no typical day. You could be working on anything from migrations to delivering new features, product enhancements, or creating new services.
  • You’re always learning new codes and operating with a "figure it out" mentality.
  • You’re comfortable working on products with tech that has never been used before.

Preference will be given to candidates who have the following:

  • Knowledge of advanced cyber threats, threat vectors, and attacker methodology.
  • Experience in threat detection and analysis solutions.
  • Knowledge of cloud services, infrastructure, and operations.
  • Experience with premium threat intelligence tooling and/or open-source intelligence techniques.
  • Experience with TIP automation development, collection, maintenance, and integrations.
  • Organizational and self-directing skills.

Diversity, Equity, Inclusion & Equal Employment Opportunity at ADP: ADP is committed to an inclusive, diverse and equitable workplace.

Ethics at ADP: ADP has a long, proud history of conducting business with the highest ethical standards.



  • San Francisco, California, United States Microbiz Security Full time

    Job Overview: We are seeking a skilled Senior Security Systems Engineer and Developer to join our team at Microbiz Security, a leading provider of security solutions in the San Francisco area. As a key member of our technical staff, you will be responsible for designing, installing, and servicing advanced security systems.


  • San Francisco, United States IDENTIFY SECURITY Full time

    We are seeking a highly skilled Staff Application Security Engineer with a strong background in cloud software service management and application security to join our dynamic team. In this role, you will play a crucial part in ensuring the reliability, scalability, and security of our software systems and digital experiences. You will work closely with the...


  • San Francisco, United States IDENTIFY SECURITY Full time

    We are currently seeking a Staff Embedded Security Engineer. This position requires an experienced professional with a proven track record of cyber security development achievements. Our ideal candidate exhibits a can-do attitude and approaches his or her work with vigor and determination. Candidates will be expected to demonstrate excellence in their...


  • San Francisco, United States Security Bank & Trust Full time

    Harvey is a secure AI platform for professionals in law, tax, and finance that augments productivity and automates complex workflows. Harvey uses algorithms with reasoning-adept LLMs that have been customized by our expert team of lawyers, engineers, and research scientists. We’ve found product market fit and are scaling our team very quickly. Some reasons...


  • San Francisco, United States Stars Group Full time

    As our Application Security Lead Engineer, you will be responsible for the security of our apps/services (Web, Mobile and API-based) at scale. You will be responsible for threat modeling products from the ground up, implementing and managing security controls at various points of the Secure Software Development Lifecycle, and setting up processes and...


  • San Francisco, California, United States Oleria Security Full time

    Lead the Charge in Cloud Security with Oleria. We're seeking a seasoned Cloud Security Engineer to spearhead our AI/ML initiatives, driving innovation and excellence in cloud identity security. This is an exceptional opportunity for a visionary leader to shape the future of cloud security. About the Role: As a Principal Applied AI/ML Engineer at Oleria Security,...


  • San Francisco, United States ADP, Inc. Full time

    ADP is hiring a Lead Security Engineer. Do you have a passion for going on the offensive to safeguard critical information? Well, this may be the role for you. Ready to make your mark? In this role, the Lead Security Engineer will be responsible for the design, development, enhancement, and maintenance of the Threat Intelligence Program’s Platform Operations,...

  • Tech Lead Manager

    3 weeks ago


    San Francisco, United States Opal Security Full time

    Opal is building the next generation of access management. We've all felt the pain of not getting the access we need to do our job. At Opal, we’re building a central hub for authorization to make access management automated, intelligent, and easy to use. Our product prioritizes consumer grade simplicity with enterprise scale, reliability, and security. Our...


  • San Francisco, United States DoorDash USA Full time

    About the Team: DoorDash Labs is an independent team within DoorDash. We are working on building autonomous delivery robots from the ground up and other automation solutions as part of DoorDash's core delivery platform. If you have a passion for ensuring the robotic solutions used by millions of people are secure, then we want to talk to you! About the...


  • San Francisco, California, United States Abnormal Security Full time

    About Abnormal Security: Abnormal Security is a leading provider of cloud-based security solutions that stop cybercrime. With a strong focus on innovation and agility, our Research and Development organization is forming a group to develop advanced AI-powered security products. This team will create cutting-edge solutions for customers while streamlining...


  • San Francisco, California, United States Vision Security Full time

    About Vision Security: Vision Security is a leading organization in the refining industry, committed to delivering exceptional results through innovative engineering solutions.


  • San Francisco, California, United States Databricks Full time

    Job Summary: We are seeking an experienced Data Security Engineer Lead to join our team at Databricks. This is a unique opportunity to lead the design and implementation of scalable infrastructure solutions that ensure the security and integrity of our customers' data. About Databricks: Databricks is a leading cloud-based data analytics platform that enables...

  • Security Engineer

    7 days ago


    San Francisco, United States Factory Full time

    Factory is seeking a talented Security Engineer to join our team. In this role, you will play a critical role in developing and maintaining the security foundation of our platform. You will conduct in-depth code reviews, implement security best practices, and influence the overall security strategy. Your expertise in TypeScript, Python, Kubernetes, CI/CD,...


  • San Francisco, United States salesforce Full time

    To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts. Job Category: Product. About Salesforce: We’re Salesforce, the Customer Company, inspiring the future of business with AI + Data + CRM. Leading with our core values, we help companies across every industry blaze new...

  • Lead Security Engineer

    15 hours ago


    San Francisco, CA, United States ADP, Inc. Full time

    ADP is hiring a Lead Security Engineer. Do you have a passion for going on the offensive to safeguard critical information? Well, this may be the role for you. Ready to make your mark? In this role, the Lead Security Engineer will be responsible for the design, development, enhancement, and maintenance of the Threat Intelligence Program’s Platform...

  • Security Engineer

    3 weeks ago


    San Francisco, United States BlueVoyant Full time

    MXDR Security Engineer II. Location: Remote in Singapore. BlueVoyant is excited to invite applications for the role of Security Engineer II. In this dynamic position, you will use your expertise in Microsoft Cloud security technologies and SIEM platforms to enable our MDR solutions in customer environments. In this role, you will take the lead in client-facing...

  • Security Engineer

    4 weeks ago


    San Francisco, United States BlueVoyant Full time

    MXDR Security Engineer II. Location: Remote in Singapore. BlueVoyant is excited to invite applications for the role of Security Engineer II. In this dynamic position, you will use your expertise in Microsoft Cloud security technologies and SIEM platforms to enable our MDR solutions in customer environments. In this role, you will take the lead in client-facing...


  • San Francisco, United States Opal Security Full time

    Opal is redefining identity security for modern enterprises. The concept of least privilege access is well understood in theory but very hard in practice. We've all felt the pain of not getting the access we need to do our job - and security teams feel the pain of either being a bottleneck or authorizing everyone at the expense of risk. At Opal, we’re...

  • Security Engineer

    1 month ago


    San Francisco, United States Factory Full time

    Factory is seeking a talented Security Engineer to join our team. In this role, you will play a critical role in developing and maintaining the security foundation of our platform. You will conduct in-depth code reviews, implement security best practices, and influence the overall security strategy. Your expertise in TypeScript, Python, Kubernetes, CI/CD,...

  • Security Engineer

    4 weeks ago


    San Francisco, United States Factory Full time

    Factory is seeking a talented Security Engineer to join our team. In this role, you will play a critical role in developing and maintaining the security foundation of our platform. You will conduct in-depth code reviews, implement security best practices, and influence the overall security strategy. Your expertise in TypeScript, Python, Kubernetes, CI/CD,...