- United States
- Date Posted
- Aug. 31, 2021
At Sonos we want to create the ultimate listening experience for our customers and know that it starts by listening to each other. As part of the Sonos team, you’ll collaborate with people of all styles, skill sets, and backgrounds to realize our vision while fostering a community where everyone feels included and empowered to do the best work of their lives.
You will work in a team of engineers to automate and integrate our cybersecurity monitoring and assurance systems (vuln scanning, security monitoring, endpoint protection, security log data, SIEM, SOAR) to achieve economy of scale for rapid response to cybersecurity alerts and fast mitigation of high-risk security nonconformity alerts. In doing so, you will be helping to protect customers and enable Sonos to continue to deliver delightful sound experiences to our customers worldwide.
What You’ll Do
- Design, develop, and integrate security monitoring and security compliance systems with process automation and enrichment (SOAR), security investigation and analytics (SIEM), and security ticketing systems.
- Design and build processes and automation to drive focus, visibility, and accountability for security policy compliance using a DevSecOps approach.
- Communicate complex and technical issues to security-technical audiences, verbally and in-writing, in an authoritative, and actionable manner.
What You’ll Need
- 5+ years of experience developing software or integrations using a modern programming language (e.g. .NET, Java, C++, etc.), and experience developing or using RESTful APIs.
- 3+ years of security automation experience either developing, integrating, or automating security monitoring, SOAR, SIEM, or similar technologies.
- The ability to maintain a professional approach and organize your work and that of others while under pressure.
- Be able to communicate complex and technical issues to security-technical audiences, verbally and in-writing.
- Proven ability to get projects out the door with high quality, on tight timelines.
- Knowledge in one or more information technology related fields that include cloud services, authentication, PKI, system administration, software development, networking, or security architecture.
- Working knowledge of a range of security-related subjects such as threat hunting, threat modeling, digital forensics, reverse engineering, phishing, and penetration testing.