Cyber Security Engineer - Soc/Automation

About ForgeRock:

In today’s highly connected digital world, understanding, managing and securing the identity of individuals and things is essential to safety and success of both businesses and their customers. Billions of people connect from anywhere, use a wide variety of devices and expect a seamless yet secure experience.

The ForgeRock mission is to provide the most simple and comprehensive Identity and Access Management Platform to help our customers deepen their relationships with their consumers and improve the productivity and connectivity of their employees and partners. Our identity solution enables great digital experiences and is embedded with a rich set of security, privacy and consent features. We deliver our platform through both cloud services and on-premises software.

Our customers are some of the biggest companies, organizations, and even countries in the world. On any given day, it’s likely that the ForgeRock Identity Platform helped keep your data safe, gave you access to stuff, and supported trusted relationships between you, companies and the devices you were using.

ForgeRock is headquartered in San Francisco, but we are a global company with offices in the following cities: Vancouver, WA; Austin, TX; Bristol, UK; Grenoble FR; Oslo NO; and Singapore. Please read more about us at forgerock.com or follow ForgeRock on Twitter at http://www.twitter.com/forgerock.

Role: As a Cyber Security Engineer, you will focus on evaluating and supporting different engineering units developing on-premise and cloud solutions of our Identity and Access Management software as well as our corporate infrastructure. You will be providing recommendations to existing processes and technical controls and updating existing documentation should you find deficiencies. Additionally, you will contribute to the security governance and control program focused on security policies and standards, security awareness training, and security audits.

Main Responsibilities:

• Engage with subject matter experts to address new requirements and emerging business needs in a secure manner.
• Working in our cloud environments (GCP, AWS, Azure) to identify security issues, documenting them, and working to resolve them.
• Participate in the review and update cycle for security policies, standards, and controls.
• Build solid working relationships with business stakeholders to maintain and improve product and application security processes.
• Assist with or conduct audits on existing security policies and practices.
• Maintain and mature security tooling and related systems, such as vulnerability management, EDR, SEIM, and SOAR.
• Ensure excellent consistency, documentation, and process across all programs.
• Responding to alerts as part of an on-call rota, triaging, working with teams to resolve the issue.
• Manage security incidents, including technical analysis,

Required Skills & Qualifications

• Experience conducting security risk assessments.
• Experience with Incident Response, including management of incidents, technical analysis, knowledge of triage actions.
• Ability to perform with autonomy at the required level of the role, typically seen with 5+ years of applicable experience.
• Experience using, and security knowledge of, Google products (GSuite, GCP).
• Experience with common security tools (SEIM, SOAR, EDR, email security, etc)
• Experience in two or more of the following areas: Security Risk Management, Security operations, Network Administration, Systems Administration, SDLC, Encryption, Asset Management, Identity and Access Management, IT operations.

Preferred Skills & Qualifications:

• Proven management & delivery of IT process improvement projects.
• Demonstrated ability to collaborate at various levels of an enterprise environment; ability to lead up, down and across effectively.
• Relevant security certifications. such as CREST, GIAC, or cloud security qualifications (i.e. Google Professional Cloud Security Engineer).
• Experience performing technical assessments & audits of application security and working with auditors (internal & external).
• Bachelor’s degree in Computer and Information Science, Engineering, or related field, or suitable combination of education, experience and training.
• Understanding of cloud computing services/continuous delivery deployment architecture.

Life at ForgeRock:

We believe in and facilitate a flexible, collaborative work environment. We’re growing quickly, but remain true to the innovative, can-do startup values that got us here. Most importantly, we keep hiring talented, smart, fun, and genuinely nice people because that’s who we want to succeed with every day.

Here are just a few of the things that make ForgeRock special:

• A company culture that empowers you to do your best work.
• Recognition programs that reward employees with meaningful experiences.
• Competitive benefits and perks.
• Global volunteering and community initiatives
• Employee Resource Groups that create a sense of belonging for everyone.
• Regular company and team bonding events.

ForgeRock is the collective sum of all our individual experiences, backgrounds and influences and we pride ourselves in growing and learning together. We are committed to building an inclusive and diverse environment where everyone’s individuality is respected and everyone has an Identity. In recruiting for new colleagues, we welcome the unique contributions you can bring and encourage you to be your best self.

We are an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected Veteran Status, or any other characteristic protected by applicable federal, state, or local law.