Senior Security Operations Engineer
Job Description
- Degree in Information Security, Information Technology, or a related field.
- Proficiency with Malware Analysis and Reverse Engineering techniques.
- Knowledge of regulatory requirements in FinTech or similar high-security industries (e.g., PCI-DSS, SOX).
- Relevant advanced certifications (e.g., GCIH, GCFA, CISSP, OSCP).
- Experience evaluating and implementing AI/ML applications in cybersecurity, particularly for threat detection and response.
- Knowledge of securing mobile platforms (Android / iOS).
- Lead and manage major security incidents from detection to resolution, serving as the primary technical point of contact.
- Develop and drive the security operations strategy, translating roadmaps into actionable projects.
- Serve as an escalation point for junior analysts, analyzing sophisticated alerts and anomalies.
- Continuously improve and automate security monitoring and response processes.
- Act as a security subject matter expert (SME), leading collaborative efforts with engineering teams.
- Architect and engineer advanced detection logic and correlation rules across SIEM, EDR, and other security platforms.
- Master and optimize the use of EDR solutions for advanced threat hunting, forensic data collection, and rapid response.
- Design and lead proactive threat hunting missions, developing hypotheses based on threat intelligence.
- Mentor and develop junior security engineers, fostering technical excellence and continuous learning.
- 5-7+ years of progressive experience in security operations, incident response, or threat analysis.
- Expert ability to articulate complex technical findings and strategic recommendations to diverse audiences.
- Deep, hands-on knowledge of cloud architectures and security best practices in AWS, Azure, or GCP.
- Extensive experience architecting, implementing, and utilizing a wide array of security tools for log analysis, incident response, and vulnerability assessment.
- Familiarity with digital forensics tools to analyze and respond to security incidents effectively.
- Coding/scripting proficiency in one or more general purpose languages (e.g., Python, Go, Ruby).
- Expert-level experience with SIEM platforms such as Splunk, IBM QRadar, or Microsoft Sentinel.
- Solid understanding of vulnerability management principles and practices.
- Competitive salary and performance-based bonuses.
- Flexible working hours and remote work options.
- Comprehensive health insurance and wellness programs.
- Professional development opportunities and continuous learning.
- Collaborative and inclusive company culture.
Are you a seasoned cybersecurity expert ready to take a pivotal role in defending a global leader in restaurant technology? Toast is seeking a Senior Security Operations Engineer to lead our defensive efforts, tackle the most sophisticated threats, and mentor a growing team of security professionals. This is an opportunity to shape security strategy and make a significant impact on our innovative restaurant platform.
Key Responsibilities:
- Lead and manage major security incidents from detection to resolution, serving as the primary technical point of contact for complex investigations.
- Develop and drive the security operations strategy, translating multi-year roadmaps into actionable projects and technical solutions.
- Serve as an escalation point for junior analysts, analyzing the most sophisticated alerts and anomalies. Continuously improve and automate security monitoring and response processes.
- Act as a security subject matter expert (SME), leading collaborative efforts with engineering teams to architect and implement robust Incident Response and investigative capabilities.
- Architect and engineer advanced detection logic and correlation rules across SIEM, EDR, and other security platforms to counter emerging threats.
- Master and optimize the use of EDR solutions for advanced threat hunting, forensic data collection, and rapid response actions.
- Design and lead proactive threat hunting missions, developing hypotheses based on threat intelligence and deep environmental knowledge.
- Mentor and develop junior security engineers, fostering a culture of technical excellence and continuous learning within the team.
Required Qualifications:
- 5-7+ years of progressive experience in security operations, incident response, or threat analysis, with a demonstrated history of handling complex incidents.
- Expert ability to articulate complex technical findings and strategic recommendations to a diverse audience, including executive leadership, technical staff, and legal counsel.
- Deep, hands-on knowledge of cloud architectures and security best practices in AWS, Azure, or GCP.
- Extensive experience architecting, implementing, and utilizing a wide array of security tools for log analysis, incident response, and vulnerability assessment.
- Familiarity with digital forensics tools to analyze and respond to security incidents effectively.
- Coding/scripting proficiency in one or more general purpose languages (e.g., Python, Go, Ruby) for automation and tool development.
- Expert-level experience with SIEM platforms such as Splunk, IBM QRadar, or Microsoft Sentinel, including the development of advanced correlation searches and dashboards.
- Solid understanding of vulnerability management principles and practices.
Preferred Qualifications:
- Degree in Information Security, Information Technology, or a related field.
- Proficiency with Malware Analysis and Reverse Engineering techniques.
- Knowledge of regulatory requirements in FinTech or similar high-security industries (e.g., PCI-DSS, SOX).
- Relevant advanced certifications are highly preferred (e.g., GCIH, GCFA, CISSP, OSCP).
Bonus:
- Experience evaluating and implementing AI/ML applications in cybersecurity, particularly for threat detection and response.
- Knowledge of securing mobile platforms (Android / iOS).
Benefits:
- Competitive salary and performance-based bonuses.
- Flexible working hours and remote work options.
- Comprehensive health insurance and wellness programs.
- Professional development opportunities and continuous learning.
- Collaborative and inclusive company culture.
Join us in our mission to empower the restaurant community. Your expertise will directly contribute to protecting our clients and their customers in an ever-evolving threat landscape. If you're passionate about cybersecurity and ready to make a real impact, we want to hear from you!
Toast is an equal opportunity employer committed to building a diverse and inclusive team.
**Diversity, Equity, and Inclusion is Baked into our Recipe for Success**
At Toast, our employees are our secret ingredient—when they thrive, we thrive. The restaurant industry is one of the most diverse, and we embrace that diversity with authenticity, inclusivity, respect, and humility. By embedding these principles into our culture and design, we create equitable opportunities for all and raise the bar in delivering exceptional experiences.
We Thrive Together
We embrace a hybrid work model that fosters in-person collaboration while valuing individual needs. Our goal is to build a strong culture of connection as we work together to empower the restaurant community. To learn more about how we work globally and regionally, check out: https://careers.toasttab.com/locations-toast
.
Apply today!
Toast is committed to creating an accessible and inclusive hiring process. As part of this commitment, we strive to provide reasonable accommodations for persons with disabilities to enable them to access the hiring process. If you need an accommodation to access the job application or interview process, please contact candidateaccommodations@toasttab.com
.
