Senior Information Security Specialist

Remote position (only candidates from Argentina or Uruguay will be considered).

Must be available to work in EST/PST time zones.

We are seeking a Senior Information Security Specialist to join one of our client's team. This role will report to the head of Information Security while leading and continuing to build the Security and Incident Response function.

You will:

- Partner with internal stakeholders, vendors, and Infosec management to own projects, solutions, and key responsibilities within the larger business initiatives of a hyper-growth company

- Participate in security incident response planning and exercises.

- Develop and carry out Security Operations and Incident Management procedures and policies

- Support the front line responder by identifying, triaging, and remediating security events, anomalies, and incidents.

- Provide incident response support as a key stakeholder. Collaborate with the security & engineering teams to proactively improve and secure systems from future attacks.

- Implement detective and protective security controls across the infrastructure and systems to improve security maturity

- Utilize Sumo Logic logging and monitoring platform to publish security metrics

- Awareness training of the workforce on information security standards, policies, and best practices

- Develop, implement, and maintain information security policies, standards, and procedures.

- Position reports to our Head, IT & Information Security

What we are looking for:

- 2+ years of experience with Security Operations (SOC) and Incident Detection/Response programs

- Hand-on experience on administrating security technologies and tools such as Zerotrust Access solution,WAF, IAM solutions

- 2+ years of cyber risk management or compliance program experience

- Exposure managing Enterprise PaaS solutions (AWS, GCP) and cloud security tooling.

- Ability to manage multiple vendors, contracts, and 3rd party escalations.

- The ideal candidate will have experience across a range of cloud security technical disciplines and may have had past jobs such as Detection & Response lead, Threat, & Vulnerability Management (TVM) engineer, or other real-world Blue or Red team responsibilities.

- Direct experience leading security incident teams, including monitoring, detection, response, and threat-hunting functions across Enterprise and Product services.

- Someone who has led a roadmap for automation and orchestration to help scale and mature security incident response activities.

- Ability to communicate, both orally and written, with all levels of management and end-users across varying levels of technical backgrounds.

- Customer service-oriented person with a problem-solving attitude.

Experience and Skills:

- 5+ years of relevant experience working in Information Security in a cloud-first environment; with a minimum of 2 years of experience directly, working in a dedicated incident response, threat & vulnerability management, or digital forensics role.

- 2+ years deploying and operating a security information and event management tool (SIEM) or other security operations (SOC) related technologies

- Bachelor’s degree in Computer Science, Programming, or related field, or equivalent combination of education and experience.

- Relevant Professional certifications such as CISSP, GCIA, GCIH, OSCP, or similar are highly desirable.

- Experience with the Mitre Att&ck Framework and associated tactics and techniques or other threat modeling exposures.

- Proficient in Network and Security technologies.

- You have experience using log and data analysis platforms such as Splunk, Sumologic, Datadog, Grafana etc.

- Familiarity with Crowdstrike and AWS security tooling in cloud environments or similar products and services.

- Nice to Have: Programming skills, Experience with Kubernetes, AWS Certifications, Static and/or Dynamic code analysis tooling, Experience writing SDLC-related policy. 

About RYZ Labs:

RYZ Labs is a startup studio built in 2021 by two lifelong entrepreneurs. The founders of RYZ have worked at some of the world's largest tech companies and some of the most iconic consumer brands. They have lived and worked in Argentina for many years and have decades of experience in Latam. What brought them together is the passion for the early phases of company creation and the idea of attracting the brightest talents in order to build industry-defining companies in a post-pandemic world.

Our teams are remote and distributed throughout the US and Latam. They use the latest cutting edge technologies in cloud computing to create applications that are scalable and resilient. We aim to provide diverse product solutions for different industries, planning to build a large number of startups in the upcoming years.

At RYZ, you will find yourself working with autonomy and efficiency, owning every step of your development. We provide an environment of opportunities, learning, growth, expansion and challenging projects. You will deepen your experience while sharing and learning from a team of great professionals and specialists.

Our values and what to expect:

- Customer First Mentality - every decision we make should be made through the lens of the customer.

- Bias for Action - urgency is critical, expect that the timeline to get something done is accelerated.

- Ownership -  step up if you see an opportunity to help, even if not your core responsibility. 

- Humility and Respect - be willing to learn, be vulnerable, and treat everyone that interacts with RYZ with respect.

- Frugality - being frugal and cost conscious helps us do more with less.

- Deliver Impact - get things done in the most efficient way. 

- Raise our Standards - always be looking to improve our processes, our team, our expectations. Status quo is not good enough and never should be.