Now hiring
Security Operations Engineer (SecOps)
Now hiring

Security Operations Engineer (SecOps)

About Toptal

Toptal is a global network of top freelance talent in business, design, and technology that enables companies to scale their teams, on-demand. With $100+ million in annual revenue and over 40% year-over-year growth, Toptal is the world’s largest fully remote company.

We take the best elements of virtual teams and combine them with a support structure that encourages innovation, social interaction, and fun. We see no borders, move at a fast pace, and are never afraid to break the mold.

Position Description

As a SecOps Engineer at Toptal, you will work with Development, IT Operations, and Infrastructure teams to provide the tools, environment, and guidance for building high-quality secure applications. You will contribute to software design and implementation decisions. You will build libraries and utilities to help developers keep software secure. You will conduct assessments, automate operational workflows, and hold security training.

This is a remote position that can be done from anywhere. Due to the remote nature of this role, we are unable to provide visa sponsorship. Resumes and communication must be submitted in English.

Responsibilities:

  • Run secure code assessments and advise developers on remediation.
  • Maintain static and dynamic security analysis tools and integrate them into the CI pipeline.
  • Provide timely and adequate information about the current state of Toptal security.
  • Develop corporate security practices, policies, and standards.
  • Respond to any ongoing or completed incidents, help teams to find the root cause, and set possible action points.
  • Contribute to application designs and solutions and assist with code reviews.
  • Educate staff on personal, corporate, architecture, and development security best practices.

In the first week, expect to:

  • Onboard and integrate into Toptal.
  • Rapidly begin learning about Toptal’s history, culture, and vision.

In the first month, expect to:

  • Get familiar with the tools we use to assess and improve the security of our applications.
  • Complete necessary training.
  • Deliver your first tickets through to completion.
  • Begin collaborating with other teams.

In the first three months, expect to:

  • Track the latest vulnerabilities in used frameworks and technologies and communicate to developers on how to mitigate them.
  • Improve the security audit of our applications (integrate new security tools, scale current solutions to more projects, create dashboards with metrics, and set up automated notifications for our teams).
  • Work on achieving team OKRs.

In the first six months, expect to:

  • Take part in making design/implementation decisions.
  • Investigate security events and carry-on follow-up actions.
  • Suggest and implement improvements for our processes and tools.
  • Hold security awareness & education sessions and develop appropriate materials for the whole company.

In the first year, expect to:

  • Assist in preparation for certification against one of the modern security standards (ISO 27001, SOC1 or other).

Requirements:

  • 3+ years’ experience with application security.
  • Experience in application development with at least 1 modern programming language.
  • Experience with CI/CD tools like Docker and Jenkins, as well as cloud platforms (preferably GCP).
  • Knowledge of OWASP methodology and web and mobile vulnerabilities.
  • Be familiar with common security standards (e.g. ISO/IEC 27000-series, GDPR, SOC1).
  • Be familiar with SAST and DAST tools like BurpSuite, OWASP ZAP, NMap, Metasploit, Kali Linux, etc.
  • Ability to solve complex problems by considering multiple solutions, weighing them, and deciding on the best course of action.
  • Be genuinely interested in technology and love to try new things.
  • Be open to receiving constructive feedback.
  • You must be a world-class individual contributor to thrive at Toptal. You will not be here just to tell other people what to do.
For Toptal Use Only: #LI-REMOTE #individualcontributorEurope #LI-CS1

Who You Will Work With

Ismael Peinado

Ismael Peinado

Chief Technology Officer

As Toptal's Chief Technology Officer, Ismael leads the company's engineering organization, driving process and culture to ensure top quality delivery from our team of world-class engineers. Ismael was formerly the CEO and Co-Founder of Blue4, a distributed media system used in the aerospace and entertainment industries. He leverages over twenty years’ experience in providing commercial, operational, and technical leadership for B2B, B2C, and government organizations from early-stage startup to large-high growth market leaders. Ismael has a BE and BS in Industrial Engineering from the Universidad de Málaga.

Bozhidar Batsov

Bozhidar Batsov

Senior Director of R&D

As Toptal's Senior Director of R&D, Bozhidar is responsible for the execution of our technical excellence and innovation strategy, ensuring that Toptal leverages world-class technology. He works closely with our software architects and technical product managers to collaborate with all of Toptal's engineering teams on the feasibility and implementation of technical improvement initiatives. Before Toptal, Bozhidar was the CTO of a fintech startup. He is also known for his extensive contributions to the Ruby and Clojure programming communities. Bozhidar holds an MS in Computer Science from the Technical University of Sofia. He's an avid public speaker and has presented talks on a vast number of programming-related topics all over the world.

View the Whole Team

Working at Toptal

We're changing the way the world works. Toptal is not only a place to progress your career and design your own lifestyle, but also a company where you'll learn how to develop innovations that push business and technology forward.
Toptal Careers →

Think you’re a fit? Apply below:

Browse

Which of the following best describes the time zone you are currently based in?

Are you familiar with OWASP methodology?

Are you familiar with SDLC (Software Development Lifecycle)?

Are you familiar with CI/CD?

How long have you been working in Security Operations roles?

By submitting your application, you are agreeing to Toptal’s Terms of Service, Privacy Policy, and Cookie Policy. Toptal may record your interview for quality assurance and training purposes.
Interested in joining our global talent network?
Apply as a Freelancer  
Quote author

Working at Toptal has been the best experience of my career. Every day I'm surrounded by intelligent, thoughtful, and hard-working colleagues that push me to be better.

Jordan Lyons

SEO Manager