PagerDuty is seeking a Security Operations Engineer to join our diverse, customer-focused team! As a member of the IT Operations & Security team, you will collaborate with a global team of technology and security professionals to proactively identify and mitigate enterprise risks, monitor and respond to security events, respond to and assist in security incidents as a security incident responder, and protect PagerDuty’s enterprise systems, data, and operations.

You will be responsible for partnering closely with the CISO organization on the planning and execution of key security initiatives related to enterprise security.  You will develop and track key security metrics and ensure best-in-class operations, including the creation and ongoing maintenance of enterprise security technology runbooks, and automated workflows, assisting in process refinement and operational ownership of enterprise security technologies. You will collaborate with a diverse team of analysts, engineers, and key stakeholders on security initiatives across the company to define, design, and implement security programs and technology projects and will communicate and interact regularly with senior IT and business leadership

The ideal candidate possesses a natural curiosity about information security, a passion for doing what’s right, and will use their expertise to implement a best-of-class security operations program at PagerDuty.

KEY RESPONSIBILITIES

• Partner closely with CISO organization to design and implement enterprise IT security architectures and solutions.
• Tracking the evolution of cutting-edge security technologies, and keeping update of the latest security threats and trends
• Focus on enterprise security and zero-trust technology, serving as the principal technical expert in this area within the security department
• Monitors security alerts and leads the team in identifying and responding to security threats
• Monitors systems for vulnerabilities, provides prioritization, and drives remediation efforts
• Working cross-functionality to triage suspicious activity and drive remediation (performing L2-L3 duties as needed)
• Analyzing threat intelligence feeds to develop metrics, alerts, and techniques to protect against new and emerging attack vectors
• Develop metrics, thresholds, alerts, dashboards, and incident response playbooks
• Drive the design and development of automated security operations and maintenance solutions.
• Oversee our vulnerability management & endpoint compliance program
• Develop internal playbooks and tabletops to train teams on how to handle common attack scenarios
• Develop and report metrics on security posture (e.g. endpoint compliance, vulnerability gaps, application security, etc..)
• Participates in information security control assessments providing risk-based gap analysis and prioritized remediation recommendations.

BASIC QUALIFICATIONS

• At least 3+ years of experience in the information security industry, with 2+ years in network security or zero-trust.
• Extensive knowledge of Information Security concepts especially in the areas of security threats, analyzing security logs and driving Incident response.
• Extensive knowledge and practical experience in network security and zero-trust.
• Broad understanding of the IAM cybersecurity landscape including identity stores, authentication/authorization, strong authentication, and privileged access management capabilities and methodologies
• Deep understanding of security technologies and concepts including SIEM, MDR/XDR, EDR and vulnerability management.
• Strong understanding of security best practices and frameworks (e.g., MITRE ATT&CK, NIST Cybersecurity Framework).

PREFERRED QUALIFICATIONS

• Familiarity with the following industry frameworks & regulatory standards: Payment Card Industry Data Security Standard (PCI-DSS), HIPAA-HITECH, Sarbanes-Oxley (SOX), General Data Protection Regulation (GDPR), Privacy Practices, ISO 27001/2, NIST Cybersecurity Framework (CSF/800.53)
• Current certification in an industry-recognized information security certification such as CISSP, CISA, CISM, Security+, CEH, GIAC GSEC/GCIH, SSCP.
• Strong scripting and automation skills (Bash, Python, Javascript, JSON, etc.)
• Familiarity with RBAC
• Experience in infrastructure security, storage security, platforms security, and data security
• Direct experience developing thresholds, alerts, dashboards, and incident response playbooks
• Familiarity with the PagerDuty platform is a plus.

The base salary range for this position is 123,000 - 180,000 CAD. This role may also be eligible for bonus, commission, equity, and/or benefits.

Our base salary ranges are determined by role, level, and location. The range, which is subject to change based on primary work location, reflects the minimum and maximum base salary we expect to pay newly hired employees for the position. Within the range, we determine pay for an individual based on a number of factors including market location, job-related knowledge, skills/competencies and experience.

Your recruiter can share more about the specific offerings for this role, as well as the salary range for your primary work location during the hiring process.

PagerDuty is a flexible, hybrid workplace. We embrace and encourage in-person working as an integral part of our culture. Both our employees and external research tells us that co-located collaboration strengthens connections, drives innovation, and accelerates learning. This role is expected to come into our Toronto office 1-2 days/week, so you can thrive in your new role and fully embrace being a Dutonian!