2 days ago
Security Operations Engineer (US hours)

Big Data isn’t a problem. It’s an opportunity.

At Alation, we help people find, understand, and trust data. So they not only excel in their work — they drive value for their enterprise, team, and role. In the words of one customer, “Alation makes me look like a rockstar.”

We help companies you know and trust empower their people with the best data every day. Alation helps Discover Financial Services quickly generate value from their data to create the product and customer service innovations that help the iconic credit card company remain number one in customer satisfaction. And real estate giant Keller Williams uses Alation to govern the more than 70 TB of data that empowers their global team of over 190,000 agents.

With $340M in funding, a valuation of over $1.7 billion, and 550+ customers, including 35% of Fortune 100 companies, Alation is poised to capitalize on data as an opportunity. Headquartered in Silicon Valley, Alation was named to Inc. Magazine’s Best Workplaces list for the fourth time. Do you want to join a team that welcomes new ideas, supports your growth, and recognizes your unique value?

Join us!

Job Description:

The Security Operations Engineer plays a critical role in helping organizations implement and maintain effective technical solutions to prevent and combat threats at Alation. This role will center on data loss prevention: stopping data loss, leakage, or unauthorized access. This role involves working closely with Alation's security and IT team to understand their security requirements, assess their data protection needs, and design customized solutions that align with their business objectives. This role will also be the primary incident response owner for US hours and will be called upon to evaluate many scenarios and work with stakeholders internally and externally to manage that time-sensitive space.

The position reports to the Sr. Security Program Manager and requires 3-5 years of experience in security and compliance activities, with SaaS/Tech industry experience being a plus. Understanding cloud security and technologies is a must. Strong interest in Governance, Risk, and Compliance (GRC) functions, excellent communication skills, attention to detail, analytical and problem-solving abilities, and adaptability in a fast-paced startup environment are essential. Flexibility to work across IST and US hours to accommodate time zone differences is also necessary, but this role will primarily cover US hours from 9am-5pm (Pacific Time).

What You’ll Do:

Partner with other security team members to manage, implement, procure, and analyze all security operations tooling.

Perform DLP configuration management, troubleshooting, addressing complex issues, and managing day-to-day operations.

Onboard security log data sources and develop new and custom parsers.

Deliver DLP advisory support and education to other SOC and technology management personnel.

Own and participate as a key contributor in security incident management for the US time zone, and conduct and/or assist with tabletop exercises, business continuity, and disaster recovery efforts. This will include communicating with cyber insurance companies, orchestrating the appropriate groups to troubleshoot, and working with forensics firms and the Incident Response Retainer (IRR).

Help define, implement, and monitor key risk indicators and key performance indicators (KRIs/KPIs).

Keep abreast of the latest IT security, regulatory, and compliance trends to support various risk and data models.

Perform functional and quality testing of Security Information and Event Management (SIEM) use case content.

Develop actionable use cases to detect, triage, investigate, and remediate based on the latest threat actor trends, including the actual technical implementation: parsing log sources and creating, validating, and testing alerting queries to reduce false positives.

Enhancing SOC processes to increase centralized visibility, identify suspicious activity, and reduce the mean time to detect and respond to cyber threats.

Assist in Use Case Roadmap development and update Use Cases in Use Case Repository.

Review system security plans, network diagrams, and vulnerability and patching requirements.

Develop scripts to simplify data collection and automate data onboarding tasks.

Monitor and respond to alerts from MDM, DLP, Security Service Edge, SIEM, CCTV, and other applicable security tooling.

Assist in various assessments and audits, including internal analysis, stakeholder engagement, evidence collection, and reporting, all through GRC tools, Jira, and other applications.

Generate and present security reports, metrics, and findings to management and other stakeholders.

Identify, analyze, and respond to potential security events from alert sources.

Test backups and ensure effective recovery in the case of data loss or attack.

Assist in the development and maintenance of security policies, knowledgebase, SOPs, playbooks, and best practices as they relate to security engineering.

Contribute to the strategy and roadmap for making Alation a safer and more scalable organization that can continuously meet - and even exceed, when possible - the expectations of enterprise-level customers.

Work with the Alation engineering team to analyze product security and help drive awareness of best practices and security-minded decisions. 

Log any and all work done towards projects in Alation’s ticket management system.

What You Need:

3-5 years of experience in a security role that involves software implementation, monitoring, and risk remediation.

Bachelor’s degree in a technical field, such as Cybersecurity or an Engineering-related field.

Certifications such as CISSP, CISM, CISA, CRISC are a plus. PMP certification may also be helpful. 

A drive for proactive and preventative solutions rather than waiting for something to go wrong and fixing it. 

Experience implementing and refining Security SaaS solutions and platforms.

Experience in designing and implementing Data Protection technologies like DLP, CASB, Cloud Security, Datadog, or similar SIEM tools, MDM, and other technical solutions.

Specifically, experience with Zscaler, Microsoft Defender, and Kandji is a plus.

Able to pivot and thrive in a rapidly changing start-up environment, managing multiple tasks and prioritizing effectively based on feedback.

Administration of the DLP tools, which includes configuring policies and reporting.

Analyze event/alert patterns to properly interpret and prioritize threats with available DLP tools and other data protection devices.

Monitor and respond to alerts generated from the DLP systems and other technologies.

Key individual contributor role with accountability for performing systems and network information.

Ensure the protection of networks, systems, and applications by enforcing security policy and through the use of systematic event analysis.

Monitor security alerts through the use of available security tools to respond, triage, and escalate as needed.

Be the driver who sees risk remediation through to the end.

Be meticulously organized and communicative with stakeholders who need to resolve risks related to monitoring results.

Independently motivated to seek out the best practices, skills, and solutions. 

Curate a “security” focused work culture.

Alation, Inc. is an Equal Employment Opportunity employer. All qualified applicants will receive consideration for employment without regard to that individual’s race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender identity, age, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law.

The Company will strive to provide reasonable accommodations to permit qualified applicants who have a need for an accommodation to participate in the hiring process (e.g., accommodations for a job interview) if so requested.

This company participates in E-Verify. Click on any of the links below to view or print the full poster. E-Verify and Right to Work.
