Security Operations Engineer II

  • Qualtrics
  • Provo, UT, USA
  • Jan 28, 2021
Full time

Job Description

Qualtrics, the leader in customer experience and creator of the Experience Management (XM) category, is changing the way organizations manage and improve the four core experiences of business––customer, employee, product, and brand. Over 12,000 organizations around the world are using Qualtrics to listen, understand, and take action on experience data (X-data™)––the beliefs, emotions, and intentions that tell you why things are happening, and what to do about it.

The Qualtrics XM Platform™ is a system of action that helps businesses attract customers who stay longer and buy more, engage employees who build a positive culture, develop breakthrough products people love, and build a brand people are passionate about. Join us as we help change the way people experience the world! Advance your career at a company that is dedicated to your ideas and growth, fills you with purpose, and provides a fun, inclusive work environment.

Company Description

Qualtrics is the technology platform that organizations use to collect, manage, and act on experience data, also called X-data™. The Qualtrics XM Platform™ is a system of action, used by teams, departments, and entire organizations to manage the four core experiences of business—customer, product, employee and brand—on one platform. Over 10,000 enterprises worldwide, including more than 75 percent of the Fortune 100 and 99 of the top 100 U.S. business schools, rely on Qualtrics to consistently build products that people love, create more loyal customers, develop a phenomenal employee culture, and build iconic brands. Qualtrics was recently acquired by SAP, and together we will accelerate XM and power the experience economy.  Join us on this adventure that can open many doors!  If you’re searching for a company that’s dedicated to your ideas and growth, recognizes your unique contribution, fills you with purpose, and provides a fun, flexible and inclusive work environment - apply now!

 

The Challenge

Qualtrics is growing exponentially, and that growth means constantly finding and eradicating threats to our systems. We must continuously evaluate how we secure systems, identify potential threats, and implement the alerts and tooling necessary to help us maintain a strong security posture at scale. We are looking for a lead engineer to join our security operations center / incident response team who can work with others across the organization, react to alerts, hunt for threats, respond to incidents, and create and implement technical solutions that improve our ability to identify, stop, and eliminate potential threats.

 

Expectations for Success 

  • Minimum of a BS degree, preferably in IT Engineering, Computer Science, or any other IT-related field of study 
  • 3+ years of experience in the Information Security field
  • Prior SOC and/or Incident Response experience preferred.
  • Prior Security Engineering experience
  • GIAC, or other security certification preferred, but not required
  • Ability to lead an Incident Response Team and respond to emergency calls during non-business hours, as needed.
  • Possess the ability to react quickly, decisively, and deliberately
  • Excellent verbal and written communication skills.
  • Proactive, self-managed, and able to interface well with interdisciplinary teams across the organization, including executive leadership
  • Experience performing analysis utilizing SIEM, SOAR, and HIDS/HIPS technologies
  • Experience performing analysis utilizing IDS/AV/Firewall consoles
  • Experience with cloud computing and AWS services
  • Strong understanding of networking and associated protocols
  • Development skills including scripting (e.g. Python, shell scripting)
  • Experience with MITRE ATT&CK and Cyber Kill Chain, including Tactics, Techniques, and Procedures (TTPs)
  • Knowledge of STIX/TAXII, SIGMA, DISA STIGs
  • Experience with multiple operating systems, with a system administrator level skill set on macOS and Linux

A Day in the Life

  • Performs Level 2 SOC/IR and shift lead duties as a part of a 24/7 security incident watch team
  • Provide leadership, mentoring, and training to SOC/IR team personnel and to other Qualtrics stakeholders and the Qualtrics Information Security Team.
  • Performs network and endpoint forensics to establish attack scope and root cause analyses
  • Develops attack remediation strategies
  • Ensures communication and escalation of security activities to leadership
  • Performs additional analysis of escalations from SOC engineers and conducts incident review
  • Identifies and develops workflow automation to lower response time and eliminate lengthy response times
  • Develop and improve incident handling processes, standard operating procedures, playbooks, and automations
  • Provides onboarding training and coaching for junior SOC/IR Engineers
  • Supports FedRAMP, ISO 27001, SOC, HITRUST, and other audit activities for security operations and incident response

 

What differentiates us from other companies

  • Work life integration is deeply important to us - we have frequent office events, team outings, and happy hours.
  • We take pride in our office design, which aims to cultivate creativity, from our rooftop views to an open and collaborative workspace.
  • On top of our standard benefits package (medical, dental, vision, life insurance, etc) we provide snacks, drinks, and free lunches in our office.
  • We believe in sharing Qualtrics' success, which is part of the compensation for all employees.