Senior Detect & Respond Engineer

Role Purpose: 

Security is paramount to the success of our business. This role helps protect our information and products, by driving our detect and respond initiatives and driving a culture of positive cybersecurity into the heart of our business.

Role Value: 

Having the highest levels of security and compliance are essential to Jumio’s business. By setting and achieving the highest standards this role has a direct impact on the integrity of our business, our customers’ confidence and, ultimately, the continued growth and success of the company. 

Responsibilities:

• Perform deeper log analysis, network traffic analysis on a regular basis.
• Provide support for daily monitoring of security events, responding to alerts, and tracking incidents.
• Perform incident triage in support of the overall investigation, by determining scope, urgency and potential impact including identifying the specific vulnerability, attack vector and recommending remediation actions.
• Support the design and deployment of cloud native security monitoring capabilities.
• Create event dashboards, metrics and establish threshold standards.
• Provide high-quality security monitoring KPI and KRI statistics and reports on a regular basis.
• Create and maintain Cyber Security Incident Response documentation, including playbooks, runbooks, policies, processes and procedures.
• Definition of use cases that can be automated for incident response workflows.
• Work closely with external threat intelligence teams and consume threat feeds on a regular basis, triage and proactive responses to threats of interest.
• Maintain strong relationships with all interested parties that affect the security posture of the company and incident handling escalation touchpoints.
• Supports security crisis response simulations, and follow on improvements.
• Empower and educate our people through security and cultural innovation.
• Drive the culture of positive cybersecurity into the heart of our business.

Experience and Qualifications:

• Proven commercial experience in a detect and response capacity and influencing positive change in a diverse IT landscape including cloud as well as on-prem, external web services and end user endpoints
• Cloud Security and Posture Monitoring (CrowdStrike)
• Experience in Terraform, Kubernetes, Docker and CI/CD.
• Familiarity with Python scripting for development of SIEM (Panther) detections and internal automation tools
• Experience in monitoring tools like Prometheus, Grafana, Datadog
• Familiarity with AWS, Linux and Suricata IDS
• A strong awareness of the MITRE ATT&CK Framework
• Working with global information security frameworks and standards like PCI DSS, ISO 27001, SOC2, CSF 2.0
• Developing successful global security operations processes
• Security incident management (including Critical Incident Management), and application security best practices
• Experience of threat monitoring and management in cloud environments - AWS preferred
• Experience of successfully dealing with Advanced Persistent Threats (APT), cybercriminals, malware, and targeted phishing
• CISM, CEH, CISSP or GIAC Cyber Defence certifications a plus
• Excellent analytical, conceptual and communications skills in spoken and written English
• Fast learner, high capacity for abstract thinking and structured approach to work plus a hands-on mentality and an international mindset

Key Characteristics and Attitudes: 

Jumio Values:

IDEAL: Integrity, Diversity, Empowerment, Accountability, Leading Innovation

Equal Opportunities:

Jumio is a collaboration of people with different ideas, strengths, interests and cultures. We welcome applications and colleagues from all backgrounds and of all statuses.

About Jumio:

Jumio is a B2B technology company dedicated to eradicating online identity fraud, money laundering and other financial crimes to help make the internet safer. We leverage AI, biometrics, machine learning, liveness detection and automation to create solutions that are trusted by leading brands worldwide and respected by industry thought leaders. 

Jumio is the leading provider of online identity verification, eKYC and AML solutions. With a global footprint, we’re expanding the team to meet strong client demand across a range of industries including Financial Services, Travel, Sharing Economy, Fintech, Gaming, and others.

Applicant Data Privacy

We will only use your personal information in connection with Jumio’s application, recruitment, and hiring processes, as described in Jumio’s Applicant Privacy Notice. If you have any questions or comments, please send an email to privacy@jumio.com.