Senior Security Operations Engineer

Senior Security Operations Engineer

Key Responsibilities:

• Lead and manage

  major security incidents from detection to resolution, serving as the

  primary technical point of contact

  for complex investigations.

• Develop and drive

  the security operations strategy, translating multi-year roadmaps into actionable projects and technical solutions.
• Serve as an

  escalation point for junior analysts

  , analyzing the most sophisticated alerts and anomalies.

  Continuously improve and automate

  security monitoring and response processes.
• Act as a

  security subject matter expert (SME)

  , leading collaborative efforts with engineering teams to architect and implement robust Incident Response and investigative capabilities.

• Architect and engineer advanced detection logic

  and correlation rules across SIEM, EDR, and other security platforms to counter emerging threats.

• Master and optimize

  the use of EDR solutions for advanced threat hunting, forensic data collection, and rapid response actions.

• Design and lead proactive threat hunting missions

  , developing hypotheses based on threat intelligence and deep environmental knowledge.

• Mentor and develop junior security engineers

  , fostering a culture of technical excellence and continuous learning within the team.

Required Qualifications:

• 5-7+ years

  of progressive experience in security operations, incident response, or threat analysis, with a demonstrated history of handling complex incidents.

• Expert ability to articulate

  complex technical findings and strategic recommendations to a diverse audience, including executive leadership, technical staff, and legal counsel.

• Deep, hands-on knowledge

  of cloud architectures and security best practices in AWS, Azure, or GCP.

• Extensive experience architecting, implementing, and utilizing

  a wide array of security tools for log analysis, incident response, and vulnerability assessment.
• Familiarity with digital forensics tools to analyze and respond to security incidents effectively.
• Coding/scripting proficiency in one or more general purpose languages (e.g., Python, Go, Ruby) for automation and tool development.

• Expert-level experience

  with SIEM platforms such as Splunk, IBM QRadar, or Microsoft Sentinel, including the development of advanced correlation searches and dashboards.

• Solid understanding

  of vulnerability management principles and practices.

Preferred Qualifications:

• Degree in Information Security, Information Technology, or a related field.

• Proficiency

  with Malware Analysis and Reverse Engineering techniques.
• Knowledge of regulatory requirements in FinTech or similar high-security industries (e.g., PCI-DSS, SOX).
• Relevant advanced certifications are highly preferred (e.g., GCIH, GCFA, CISSP, OSCP).

Bonus:

• Experience

  evaluating and implementing

  AI/ML applications in cybersecurity, particularly for threat detection and response.
• Knowledge of securing mobile platforms (Android / iOS).

Benefits:

• Competitive salary and performance-based bonuses.
• Flexible working hours and remote work options.
• Comprehensive health insurance and wellness programs.
• Professional development opportunities and continuous learning.
• Collaborative and inclusive company culture.

Join us in our mission to empower the restaurant community. Your expertise will directly contribute to protecting our clients and their customers in an ever-evolving threat landscape. If you're passionate about cybersecurity and ready to make a real impact, we want to hear from you!

Toast is an equal opportunity employer committed to building a diverse and inclusive team.