Senior/Staff Security Operations Engineer

Crusoe Energy is on a mission to unlock value in stranded energy resources through the power of computation.

Take a look at what we do! - https://www.youtube.com/watch?v=Rlt8k71Quqw 

We aim to align the long term interests of the climate with the future of global computing infrastructure. As data centers consume an exponentially growing power footprint to deliver technology to all connected devices, we are inspired by making sure that the energy meeting that demand is sourced in an environmentally responsible fashion. Crusoe co-locates mobile data centers with stranded energy resources, like flare gas and underloaded renewables, to deliver low-cost, carbon-negative distributed computing solutions. Crusoe Cloud is a managed cloud services platform powered by stranded energy that enables climate-friendly innovation in computationally intensive fields including artificial intelligence, graphics rendering and computational biology.

About This Role:

Crusoe Security & Compliance is hiring a Senior/Staff Security Operations Engineer to play a critical role in safeguarding Crusoe, our customers, and ensuring our security posture remains robust against emerging threats. This role involves leading the detection strategy, creation, tuning, validation, and correlation to maintain effective detections against an ever-changing threat landscape. The role is hands-on, encompassing the management of detection technologies and incident response.

A Day in the Life:

Leadership & Strategy:

• Develop and execute a comprehensive security operations strategy that aligns with organizational goals, ensuring robust protection against current and future cyber threats.

• Evaluate and implement emerging security technologies and methodologies to continuously enhance our security posture and operational efficiency.

• Partner with stakeholders and cross-functional teams (Engineering, Product, SRE, IT, Legal) to adapt in a dynamic security landscape.

Detection and Incident Response:

• Design, implement, and fine-tune advanced detection mechanisms to proactively identify potential security threats and vulnerabilities.

• Continuously tune alerting rules to reduce false positives and enhance our signal-to-noise ratio.

• Perform forensics and lead response efforts during security incidents, including triaging security alerts, taking relevant mitigation steps, and engaging with internal stakeholders to ensure swift resolution.

Operational Security:

• Drive the advancement and growth of detection and automation initiatives.

• Manage security event monitoring, management, response workflows, and tasks.

• Improve security operations by developing measurement capabilities and metrics to track and communicate performance, coverage, and risk.

Automation and Improvement:

• Author comprehensive runbooks, write automation scripts, and build SOAR (Security Orchestration, Automation, and Response) capabilities to reduce manual intervention and improve response times.

• Create, maintain, and manage a library of automated playbooks to address new threats and tactics employed by attackers.

Documentation and Compliance:

• Develop standard operating procedures and other appropriate documentation to enforce quality and consistency of services being delivered.

• Support ongoing security compliance, audit, and certification programs (e.g., HIPAA, SOC 2).

You Will Thrive In This Role If:

• Minimum of 6 years in cybersecurity, with a focus on detection and response.

• Technical proficiency with protection of on-premise computing environments and proficiency with one or more major cloud computing environments.

• Strong expertise in incident handling and forensic investigation.

• Strong knowledge of the cyber threat landscape and ability to articulate and incorporate understanding of major threat categories, motivations, and intent of adversaries.

• Automation-first mindset and demonstrated expertise in mentoring and training peers in security engineering skill sets.

• Experience in at least one programming language (Python, Go, C, C++) or deep expertise using low-code automation tools or SOAR platforms.

• Exceptional collaboration and communication skills, with the ability to engage with partners and stakeholders from various perspectives and technical understanding.

• Familiarity with modern infrastructure tools, such as Docker, Kubernetes, Ansible, Cloud Formation, Terraform.

• Experience building and scaling open source security observability solutions 

• Experience with Unix/Linux environments.

• Self-motivated, with good communication and writing skills.

• Must be able to pass a background check.

• Embody the Company values

Benefits:

• Hybrid work schedule

• Industry competitive pay

• Restricted Stock Units in a fast growing, well-funded technology company

• Health insurance package options that include HDHP and PPO, vision, and dental for you and your dependents

• Paid Parental Leave

• Paid life insurance, short-term and long-term disability

• Teladoc

• Pet-friendly offices

• 401(k) with a 100% match up to 4% of salary

• Generous paid time off and holiday schedule

• Cell phone reimbursement

• Tuition reimbursement

• Subscription to the Calm app

• Company paid commuter benefit; $100 per month

Compensation Range:

• Compensation will be paid in the range of $180k - $300k per year. Restricted Stock Units are also included in all offers. Compensation to be determined by the applicant’s education, experience, knowledge, skills, and abilities, as well as internal equity and alignment with market data.

Crusoe Energy is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, disability, genetic information, pregnancy, citizenship, marital status, sex/gender, sexual preference/ orientation, gender identity, age, veteran status, national origin, or any other status protected by law or regulation.