ON24 is on a mission to transform the way businesses drive revenue and customer engagement through data-rich digital experiences. Powered by the ON24 Platform, marketers create and deliver live, always-on and personalized webinar, content and virtual event experiences to engage audiences in real-time, to generate powerful buying signals and to accelerate pipeline. With billions of engagement minutes created, ON24 is the network where enterprises engage prospects and customers at global scale. Headquartered in San Francisco, ON24 has a wide international footprint serving the regions of North America, EMEA and JPAC. For more information, visit https://www.on24.com.
The Security Engineer will be a critical member of ON24’s information security team where they will contribute to safeguarding customer, employee, and company data in accordance with industry standards for a global enterprise SaaS company.
You will engineer security solutions, select and implement related technologies, and address security incidents.
40% Security Engineering
- Perform infrastructure and Cloud security design.
- Determine security requirements, related procedures, and define security controls.
- Perform vulnerability assessments and maintain vulnerability management tools and processes.
- Contribute to hardening standards and configuration guidelines.
- Evaluate and implement new security products/solutions.
40% Security Analysis
- Monitor and analyze security alerts and events.
- Work to enhance detection, correlation, and automation capabilities.
- Perform Incident Response activities. Facilitate coordination of security efforts across the organization.
20% Penetration Testing & Threat Research
- Coordinate, scope, and manage penetration testing efforts.
- Conduct internal security reviews, threat hunting, and training exercises.
- Review threat intelligence and produce advisories as applicable to ON24's environment.
- Research and review new threat vectors, develop detections and preventions.
- BS degree or equivalent experience
- At least 5 years work experience in technical security roles
- Hands-on experience with security devices such as network firewalls, load balancers, WAFs (e.g. Cisco, Fortinet, F5), and IDS/IPS (e.g. Snort, Suricata, Bro)
- Expertise with security monitoring, detection and response / SIEMs (e.g. Splunk, ELK)
- Deep understanding of security threat modeling, risk prioritization, and technical security measures
- System administration skills (Linux, Windows Server) and scripting capabilities (BASH, Python, Powershell)
- Excellent written and verbal communication skills
- Ability to work effectively and drive results in a remote team
- Security certifications, e.g. CISSP, GIAC, CCSK etc.
- Experience working in a SaaS, hybrid-Cloud environments
- Experience securing cloud, virtualization, and containerization platforms (K8s)
- Familiarity with Monitoring (Nagios, Check_MK, Solarwinds, Prometheus), and/or DevSecOps toolchains (e.g. Puppet, Ansible, Terraform, Jenkins, etc.)
- Knowledge of web application / software security assurance basics, e.g. OWASP Top 10.
- Passionate about security with strong desire to learn and grow
ON24 is proud to be an equal employment opportunities (EEO) workplace to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, ON24 complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Pursuant to the San Francisco Fair Chance Ordinance, ON24 will consider for employment qualified applicants with arrest and conviction records.