Sr. SecOps Engineer- Product Security Operations

1 Month ago • 6 Years + • $88,000 PA - $132,000 PA

Job Summary

Job Description

Envestnet is looking for a highly skilled and experienced Cyber Security Operation Engineer to join our team. This pivotal role involves designing, developing, and implementing comprehensive security controls to safeguard the organization's data, systems, and networks from sophisticated cyber threats. The Security Engineer will also lead efforts in incident response and be integral to the development and maintenance of security operation center processes and procedures. Collaboration with various stakeholders, conducting security assessments, ensuring compliance with industry standards and regulations, and deploying security controls across both cloud and on-premises datacenters are essential components of this role.
Must have:
  • Experience in information security, security operations, threat hunting, and incident response.
  • Hands-on technical skills and knowledge of cloud technologies.
  • Experience in managing SIEM, EDR, and other security controls.
  • Knowledge of programming languages like Java, Python.
Good to have:
  • Experience in product/application security, secure coding, and OWASP.
  • Knowledge about API security and databases (SQL, NoSQL, or similar).
Perks:
  • Health Benefits (Health/Dental/Vision)
  • Paid Time Off (PTO) & Volunteer Time Off (VTO)
  • 401K – Company Match
  • Annual Bonus Incentives
  • Parental Stipend
  • Tuition Reimbursement
  • Student Debt Program
  • Charitable Match
  • Wellness Program

Job Details

Envestnet is seeking a Sr. SecOps Engineer- Product Security Operations – YOD to join our Yodlee department. This is a remote role with occasional travel to our Raleigh, NC office.

Envestnet is transforming the way financial advice is delivered through its connected technology, advanced insights, and asset management solutions – backed by industry-leading service and support. Since 1999, Envestnet has served the wealth management industry and today supports trillions in platform assets, serving over a hundred thousand financial advisors. The vast majority of the nation’s leading banks, the largest wealth management and brokerage firms, and over 500 of the largest RIAs rely on Envestnet’s wealth management platform and solutions to drive business growth, boost productivity, and deliver better financial outcomes for their clients. 

Envestnet’s Strategy:

  • Deliver the industry-leading wealth management platform, powered by advanced data and insights 
  • Leverage our scale and efficiencies to serve our clients’ needs comprehensively 
  • Enable financial advisors to deliver more holistic advice – reflecting a more complete view of their clients’ financial lives, and in a more connected environment

For more information, please visit www.envestnet.com.

Job Summary: 

Yodlee is looking for a highly skilled and experienced Cyber Security Operation Engineer to join our team. This pivotal role involves designing, developing, and implementing comprehensive security controls that safeguard our organization's data, systems, and networks from sophisticated cyber threats. The Security Engineer will also lead efforts in incident response and be integral to the development and maintenance of our security operation center processes and procedures. It is preferred to have product security knowledge such as, OWASP top 10, API security, Devsecops. Collaboration with various stakeholders, conducting security assessments, ensuring compliance with industry standards and regulations, and deploying security controls across both cloud and on-premises datacenters are essential components of this role.

Job Responsibilities:

  • Cyber Security Engineering and Implementation
    • Developing comprehensive security architectures that align with business objectives and regulatory requirement. Implement secure network, system, and application architectures. 
    • Benchmark and implement industry best practices to mitigate potential threats to digital infrastructure and operations such as MITRE ATT&CK and NIST CSF.
    • Evaluate and recommend security technologies and solutions for cloud and Datacenter.
    • Implementation of security tools and technologies, such as SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing) and IAST (Interactive Application Security Testing)
    • Managing and maintaining security tools and infrastructure, including SIEM(Splunk), EDR(CrowdStrike), Threat intel, endpoint protection and breach simulation.
    • Configuring and tuning security tools to optimize performance and accuracy.
    • Deploying and updating security software and hardware.
    • Lead incident response and develop and maintain security operation center process and procedures.
  • Cyber Security and Security Operations Management
    • Establish and maintain an application security program & security operation, including policies, standards, and procedures. 
    • Track and report on key performance indicators (KPIs) related to application security and infrastructure security.
    • Oversee the 24/7 monitoring of security systems and networks for potential threats. 
    • Develop, implement and maintain incident response plans and procedures. 
    • Lead incident response efforts, including containment, eradication, and recovery. 
    • Conduct post-incident analysis and develop recommendations for improvement. 
    • Administrating the SOC infrastructure to ensure its hardened posture and best performance.
    • Troubleshooting and resolving issues related to SOC technologies.
    • Oversee the implementation of security tools and technologies, such as SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), and IAST (Interactive Application Security Testing) Lead and oversee all internal and external audits, ensuring readiness for regulatory assessments and third-party evaluations.
  • Continuous Monitoring, Incident Response, and Reporting
    • Implementation of continuous security monitoring to assess compliance and control effectiveness.
    • Drive the development of actionable reporting metrics, including security health checks, audit readiness, and compliance status, for senior management and stakeholders.
    • Work closely with the SOC and Incident Response teams to evaluate the impact of security incidents on compliance and drive remediation efforts.
    • Evaluate and recommend security technologies and solutions
    • Ensure proper configuration and maintenance of security related tools.
  • Vulnerability management & Product security
    • Establish Vulnerability management program and remediation process. 
    • Prioritize vulnerabilities for remediation based on risk and business impact.
    • Prepare and distribute vulnerability reports to stakeholders, including management and technical teams.
    • Integrate security into the SDLC, from design and development to testing and deployment. 
    • Promote secure coding practices and provide training to developers. 
    • Establish and enforce security requirements for applications. 
    • Implement security testing throughout the SDLC.
  • Compliance Program Management
    • Lead the development, implementation, and management of the Information Security program, ensuring compliance with industry standards (e.g., PCI DSS, SOC 2, NIST, ISO 27001, and others).
    • Manage and maintain security compliance posture, ensuring senior management and business units are informed about application security risks and mitigation strategies.
    • Stay abreast of emerging security threats, vulnerabilities, and industry best practices.
    • Innovation and Continuous Improvement
    • Lead efforts to identify and drive continuous improvements in security processes, tools, and practices.
    • Stay ahead of industry trends, regulatory changes, and emerging security risks to ensure the organization remains agile and compliant in an evolving threat landscape.
    • Lead strategic initiatives that improve operational efficiencies and reduce risks through the automation and enhancement of security controls.
  • Adherence to and application of Envestnet legal, compliance, risk, business continuity and administrative policy within the role and department(s) including the timely completion of training & awareness, affirmations and testing as requested.  
  • As part of the responsibilities for this role, you will understand and readily support Envestnet's established corporate business practices, policies, internal controls and procedures designed to create value or minimize risk.

Required Qualifications: 

  • Education: Bachelor’s degree in computer science, Information Technology, Cybersecurity, or related field.
  • Experience: 7+ years of experience in information security, Security operations, threat hunting, Security automation, Incident response, Red-teaming and Blue Teaming.
  • Strong hands-on technical skills, extensive knowledge of AWS or other Cloud Technologies, and the ability to work with senior stakeholders.
  • Experience in managing SIEM, EDR and Other security contoles.
  • Experience: 1+ years’ experience in of Product/Application security, Secure coding, OWSP
  • Knowledge about programming language such as Java, Python.
  • Knowledge about the API security, databases (SQL, NoSQL, or similar).
  • Strong understanding Owasp top 10 and Secure Development, Java, python, programing knowledge.
  • Certifications: Relevant security or compliance certifications such as CISA, CISSP, GCIH, OSCP, AWS Certified Security – Specialty or CompTIA Security+ are highly preferred.

Key Skills: 

  • Minimum of 6 years of experience in information security, with a focus on security engineering.
  • Proven experience designing and implementing security solutions in complex environments.
  • Deep understanding of cloud computing platforms (AWS, Azure, GCP).
  • Familiarity with secure coding practices, SDLC and DevSecOps.
  • Strong leadership, communication, and problem-solving skills. 
  • Relevant certifications (e.g., CISSP, CSSLP, CEH, AWS security) are highly desirable. 
  • Regulatory Knowledge: In-depth knowledge of NIST, ISO 27001, PCI DSS and SOC2 compliance. standards, with hands-on experience managing compliance and audit processes.

Envestnet: 

  • Be a member of an innovative and industry leading financial technology and solutions company 
  • Competitive Compensation/Total Reward Packages that include:
    • Health Benefits (Health/Dental/Vision)
    • Paid Time Off (PTO) & Volunteer Time Off (VTO)
    • 401K – Company Match
    • Annual Bonus Incentives
    • Parental Stipend 
    • Tuition Reimbursement
    • Student Debt Program
    • Charitable Match 
    • Wellness Program

Salary:

The annual base salary range for this position is $88,000 to $132,000.

#LI-SC1 

Similar Jobs

Acceldata - Lead SDET

Acceldata

Bengaluru, Karnataka, India (On-Site)
6 Months ago
Dream11 - SDE 2 - Frontend

Dream11

Mumbai, Maharashtra, India (On-Site)
7 Months ago
Addepar - Technical Product Manager

Addepar

New York, United States (On-Site)
2 Weeks ago
ByteDance - Software Engineer Intern (CDN/Edge/Traffic Platform)

ByteDance

San Jose, California, United States (On-Site)
2 Months ago
Barracuda Networks  Inc  - Senior Engineer

Barracuda Networks Inc

Bengaluru, Karnataka, India (Hybrid)
1 Month ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Hire Phoenix Consulting - Ludo Game Developer needed (Freelance opportunity)

Hire Phoenix Consulting

Indi, Karnataka, India (Remote)
8 Months ago
Meta - Software Engineer, Android

Meta

Burlingame, California, United States (On-Site)
6 Months ago
Nasdaq - Senior Software Developer (Customer Facing APIs)

Nasdaq

St. John's, Newfoundland And Labrador, Canada (Hybrid)
1 Week ago
Addepar - Sr. Fullstack Engineer - Visualization Team

Addepar

United Kingdom (Remote)
1 Month ago
Applike Group - Product Lead

Applike Group

Hamburg, Hamburg, Germany (Hybrid)
1 Year ago
Aisera Jobs - Software engineer- JAVA Coversational AI

Aisera Jobs

Greece (On-Site)
1 Month ago
Google - Software Engineer, PhD, Cloud Platforms

Google

Taipei City, Taiwan (On-Site)
1 Month ago
GoTo Group - Lead Software Engineer - Engineering Platform

GoTo Group

Bengaluru, Karnataka, India (On-Site)
6 Months ago
CrowdStricke - Engineer III - Reliability

CrowdStricke

Bengaluru, Karnataka, India (Remote)
3 Weeks ago
Aisera Jobs - Enterprise Customer Success Manager

Aisera Jobs

Palo Alto, California, United States (Hybrid)
1 Year ago

Get notifed when new similar jobs are uploaded

Jobs in Raleigh, North Carolina, United States

Evolution - Floor Operations Supervisor

Evolution

Atlantic City, New Jersey, United States (On-Site)
9 Months ago
Trailer Park - Part-Time Analyst - Social Listening & Insights

Trailer Park

Los Angeles, California, United States (Remote)
1 Month ago
Vercel - Senior Revenue Accountant

Vercel

San Francisco, California, United States (Hybrid)
1 Week ago
Twitch - Software Engineer I - iOS

Twitch

New York, New York, United States (On-Site)
5 Months ago
Meta - Software Engineer, Infrastructure

Meta

Burlingame, California, United States (Remote)
6 Months ago
Ansys - Senior R&D Engineer - HFSS Development

Ansys

Canonsburg, Pennsylvania, United States (On-Site)
3 Weeks ago
Side - Player Support Advocate

Side

Charleston, South Carolina, United States (Remote)
3 Weeks ago
Nfocus solution - Instructional Designer

Nfocus solution

Leavenworth, Kansas, United States (On-Site)
3 Weeks ago
Drive mode - Software Development Engineer in Test

Drive mode

Mountain View, California, United States (Hybrid)
1 Month ago
Google - Engineering Manager, Looker Modeling and Storage Lifecycle

Google

Sunnyvale, California, United States (On-Site)
1 Month ago

Get notifed when new similar jobs are uploaded

Similar Category Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

About The Company

Thiruvananthapuram, Kerala, India (On-Site)

Berwyn, Pennsylvania, United States (Hybrid)

Thiruvananthapuram, Kerala, India (On-Site)

Thiruvananthapuram, Kerala, India (On-Site)

Berwyn, Pennsylvania, United States (Hybrid)

Denver, Colorado, United States (Hybrid)

Berwyn, Pennsylvania, United States (Hybrid)

Raleigh, North Carolina, United States (Hybrid)

Denver, Colorado, United States (Hybrid)

Raleigh, North Carolina, United States (Remote)

View All Jobs

Get notified when new jobs are added by Yodlee

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug