PagerDuty is seeking an Enterprise Security Engineer to join our diverse, customer-focused team! As a member of the IT Operations & Security team, you will collaborate with a global team of technology and security professionals to proactively identify and mitigate enterprise risks, monitor and respond to security events, respond to and assist in security incidents as a security incident responder, and protect PagerDuty’s enterprise systems, data, and operations.
You will be responsible for partnering closely with the CISO organization on the planning and execution of key security initiatives related to enterprise security. You will develop and track key security metrics and ensure best-in-class operations, including the creation and ongoing maintenance of enterprise security technology runbooks and automated workflows, assisting in process refinement and operational ownership of enterprise security technologies. You will collaborate with a diverse team of analysts, engineers, and key stakeholders on security initiatives across the company to define, design, and implement security programs and technology projects, and will communicate and interact regularly with senior IT and business leadership.
The ideal candidate possesses a natural curiosity about information security, a passion for doing what’s right, and will use their expertise to implement a best-of-class Enterprise Security program at PagerDuty.
This role is expected to come into our Toronto office at least 2 times per week, so you can thrive in your new role and fully embrace being a Dutonian!
KEY RESPONSIBILITIES
- Partner closely with CISO organization to design and implement enterprise IT security architectures and solutions.
- Track the evolution of cutting-edge security technologies, and keep up to date on the latest security threats and trends
- Focus on enterprise security and zero-trust technology, serving as the principal technical expert in this area within the Enterprise Security department
- Monitor security alerts and lead the team in identifying and responding to security threats
- Monitor systems for vulnerabilities, provide prioritization, and drive remediation efforts
- Work cross-functionally to triage suspicious activity and drive remediation (performing L2-L3 duties as needed)
- Analyze threat intelligence feeds to develop metrics, alerts, and techniques to protect against new and emerging attack vectors
- Develop metrics, thresholds, alerts, dashboards, and incident response playbooks
- Drive the design and development of automated security response and maintenance solutions.
- Oversee our workstation vulnerability management & endpoint compliance program
- Develop internal playbooks and tabletop exercises to train teams on how to handle common attack scenarios
- Develop and report metrics on security posture (e.g. endpoint compliance, vulnerability gaps, application security, etc.)
- Partner with Compliance teams to ensure and demonstrate that implemented controls are working effectively
- Participate in information security control assessments, providing risk-based gap analysis and prioritized remediation recommendations
- Act as SME for EDR tooling on corporate Workstations
- Participate on rotating on-call schedule
BASIC QUALIFICATIONS
- At least 5 years of experience in the information security industry, with 3+ years in network security or zero-trust, and 3+ years of security architecture or solution experience.
- Extensive knowledge of information security concepts, especially in the areas of security threats, analyzing security logs, and driving incident response.
- Extensive knowledge and practical experience in network security and zero-trust.
- Broad understanding of the IAM cybersecurity landscape including identity stores, authentication/authorization, strong authentication, and privileged access management capabilities and methodologies
- Deep understanding of security technologies and concepts including SIEM, MDR/XDR, EDR and vulnerability management.
- Strong understanding of security best practices and frameworks (e.g., MITRE ATT&CK, NIST Cybersecurity Framework).
- Strong knowledge of incident response processes
PREFERRED QUALIFICATIONS
- Familiarity with the following industry frameworks and regulatory standards: HIPAA-HITECH, Sarbanes-Oxley (SOX), General Data Protection Regulation (GDPR), ISO 27001/2, NIST Cybersecurity Framework (CSF/800-53), SOC 2, FedRAMP
- Current certification in an industry-recognized information security certification such as CISSP, CISA, CISM, Security+, CEH, GIAC GSEC/GCIH, or SSCP.
- Strong scripting and automation skills (Bash, Python, JavaScript, etc.)
- Familiarity with RBAC, ABAC, and PoLP
- Direct, hands-on experience configuring and administering CrowdStrike
- CrowdStrike certifications (CrowdStrike Certified Falcon Administrator (CCFA), CrowdStrike Certified Falcon Responder (CCFR), CrowdStrike Certified Falcon Hunter (CCFH))
- Experience in endpoint security, identity and access management, incident response, and/or vulnerability management
- Direct experience developing thresholds, alerts, dashboards, and incident response playbooks
- Familiarity with the PagerDuty platform is a plus.
The base salary range for this position is 137,000 - 207,000 CAD. This role may also be eligible for bonus, commission, equity, and/or benefits.
Our base salary ranges are determined by role, level, and location. The range, which is subject to change based on primary work location, reflects the minimum and maximum base salary we expect to pay newly hired employees for the position. Within the range, we determine pay for an individual based on a number of factors including market location, job-related knowledge, skills/competencies and experience.
Your recruiter can share more about the specific offerings for this role, as well as the salary range for your primary work location during the hiring process.