Lead Security Operations Engineer (worldwide remote, work anywhere)

CloudLinux is a global remote-first company. We are driven by our principles: do the right thing, employees first, we are remote first, and we deliver high-volume, low-cost Linux infrastructure and security products that help companies to increase the efficiency of their operations. Every person on our team supports each other and does what we can to ensure we are all successful. We are truly a great place to work.

Check out our website for more information https://cloudlinux.com/

We are looking for a Lead Security Operations Engineer who will drive the development, implementation, and operational excellence of our detection, incident response, and threat intelligence capabilities. This role requires expertise in analyzing large datasets, building and maintaining Detection & Response infrastructure, and deploying cybersecurity tools at the infrastructure level. You will play a key role in strengthening CloudLinux’s security posture by enhancing visibility, improving response processes, and collaborating across teams to lead critical security initiatives.

As a Lead Security Operations Engineer, you will:

• Incorporate security practices into our infrastructure and automation processes.
• Collaborate with development and operations teams to embed security measures into the entire software development lifecycle.
• Create detection rules to catch attackers. Pursue unusual strategies to try to radically improve our ability to detect attackers and the speed of detection.
• Stay current with security standards/regulations.
• Identify security innovation tools/lead implementation solutions from proof of concept to production.
• Manage/implement cloud security controls - identity, access management, organizational policies. Evolve our tooling/logging/monitoring/alerting systems, increasing observability and transparency.
• Triage, investigate, and escalate security alerts, and provide recommendations for remediation.
• Document procedures and best practices to ensure effective knowledge sharing.
• Configure and operate security scanning tools, collaborating with internal and external engineering teams to optimize alert rules.
• Develop a comprehensive understanding of systems, environments, and tools.

To be successful in this role, you should have:

• Experience in an IT/security-related role (SecOps/Blue Team experience, etc.).
• Experience in triaging security alerts/executing incident response. Experience with building, configuring, and managing patch management tools.
• Practical knowledge of tools and/or tech stack components (such as EDR, Vulnerability Scanner, SIEM, Cloud).
• Practical knowledge of fundamental security concepts, including network/endpoint security, security alert triage, and basic application security.
• Experience building and maintaining monitoring and alerting capabilities.
• Deep expertise with Linux-based operating systems
• Critical thinking and the ability to balance security requirements with mission needs. Innovative approach.
• Be an IT Security enthusiast with thorough knowledge and expertise in the security and software development spaces.
• Thorough understanding of the latest technologies, security principles, and protocols.
• Ability to demonstrate comprehensive, practical knowledge of research and collection skills as well as analytic methods.
• At least C1 and a higher level of English proficiency.

 It would be a plus if you also have:

• Relevant information security certifications: CISSP, OSCP, OSCE, LPT, etc.
• Experience in modern container orchestration projects. Have experience with cloud vendors - GCP, Azure, AWS.
• Knowledge of/experience with international information security standards and personal data protection standards: ISO 27XXX, PCI DSS, GDPR, etc.
• Knowledge of/experience with information security standards and frameworks: PKI, WS-Security, X.509, SSL/TLS, etc.
• Bachelor's degree in Computer Science, Information Security, or related field.
• Experience in CTF or bug bounty programs.
• Knowledge of application security practices and tools.

What's in it for you?

• A focus on professional development.
• Interesting and challenging projects.
• Fully remote work with flexible working hours, which allows you to schedule your day and work from any location worldwide.
• Paid 24 days of vacation per year, 10 days of national holidays, and unlimited sick leaves.
• Compensation for private medical insurance.
• Co-working and gym/sports reimbursement.
• Budget for education.
• The opportunity to receive a reward for the most innovative idea that the company can patent.

By applying for this position, you agree with CloudLinux Privacy Policy (https://cloudlinux.com/legal/privacy-policies-hub/ ) and give us your consent to maintain and process your personal data with this respect. Please read our Privacy Policy for more information.