Now hiring
Senior Security Operations Engineer
Now hiring

Senior Security Operations Engineer

About Toptal

Toptal is a global network of top talent in business, design, and technology that enables companies to scale their teams, on-demand. With $200+ million in annual revenue and team members based around the globe, Toptal is the world’s largest fully remote workforce.

We take the best elements of virtual teams and combine them with a support structure that encourages innovation, social interaction, and fun. We see no borders, move at a fast pace, and are never afraid to break the mold.

Job Summary

As a Senior SecOps Engineer at Toptal, you will work with Development, IT Operations, Infrastructure teams, and Risk & Compliance, empowering the company with the knowledge and tools needed to protect Toptal’s products vigilantly. You help to ensure they are well-armed to maintain the highest security standards, safeguarding the company’s future. You will conduct assessments, automate operational workflows, and hold security training for the Engineering function.

This is a remote position. We do not offer visa sponsorship or assistance. Resumes and communication must be submitted in English.

Responsibilities:

  • The following information is intended to describe the general nature and level of work being performed. It is not intended to be an exhaustive list of all duties, responsibilities, or required skills.
  • Run security assessments and advise developers on remediation.
  • Educate staff on personal, corporate, architecture, and development security best practices.
  • Contribute to application designs and solutions and assist with code reviews.
  • Raise security concerns to the forefront.
  • Conduct targeted educational sessions and workshops to elevate the security knowledge of staff across personal, corporate, architectural, and development domains.
  • Champion security within the organization by proactively identifying and raising security issues, and advocating for security-first practices.
  • Maintain security development lifecycle and integrate them into the CI pipeline.
  • Develop and maintain active monitoring tools.
  • Provide timely and adequate information about the current state of Toptal security.
  • Contribute with Risk & Compliance on corporate security practices, standards and policies.
  • Respond to any ongoing or completed incidents, help teams to find the root cause, and set possible action points.

In the first week, expect to:

  • Onboard and integrate into Toptal.
  • Rapidly begin learning about Toptal’s history, culture, and vision.

In the first month, expect to:

  • Complete mandatory training.
  • Get familiar with the tools we use to assess and improve the security of our applications.
  • Have a good understanding of our infrastructure setup and critical applications.
  • Deliver your first tickets through to completion.
  • Begin collaborating with other teams.

In the first three months, expect to:

  • Contribute with the vulnerability management process, escalating vulnerabilities in used frameworks and technologies and communicate to developers on how to mitigate them.
  • Own the team’s backlog by creating new tickets and grooming existing ones when necessary.
  • Work on achieving team goals.
  • Start participating in the on-call rotation.

In the first six months, expect to:

  • Take part in making design/implementation decisions.
  • Investigate security events and carry-on follow-up actions.
  • Suggest and implement improvements for our processes and tools.
  • Improve the security audit of our applications (integrate new security tools, scale current solutions to more projects, create dashboards with metrics, and set up automated notifications for our teams).
  • Hold security awareness & education sessions and develop appropriate materials for the whole company.

Qualifications and Job Requirements:

  • 3+ years experience in application security, with a strong understanding of security principles and practices across engineering teams.
  • Demonstrated ability to lead security initiatives and spread a comprehensive security mindset across engineering areas.
  • Proficiency in coaching, mentoring, and providing guidance to engineering teams to enhance their security skills and awareness.
  • Experience in developing and proposing security guidelines and best practices tailored to diverse engineering needs.
  • Solid background in application development using at least one modern programming language.
  • Familiarity with CI/CD tools like Docker, Jenkins, and GitHub Actions, as well as cloud platforms (preferably GCP).
  • Knowledge of Infrastructure as Code (IaC), with experience in tools like Terraform.
  • Understanding of OWASP methodology, and awareness of web and mobile vulnerabilities.
  • Familiarity with common security standards such as ISO/IEC 27000-series, GDPR, SOC2, and PCI.
  • Experience in using SAST and DAST tools like Snyk, BurpSuite, OWASP ZAP, and others.
  • Familiarity with Cloud Compliance tools, such as InSpec.
  • Strong problem-solving skills with the ability to consider and integrate multiple solutions.
  • High enthusiasm for technology with a proactive approach to learning and adopting new tools and practices.
  • Open to and appreciative of constructive feedback, promoting a collaborative and learning-focused work environment.
  • Holds one or more current, valid security-related certifications (preferred).
  • Outstanding written and verbal communication skills, capable of effectively articulating security concepts to diverse audiences.
  • Ability to work in a fast-paced, rapidly growing company and handle a wide variety of challenges, deadlines, and a diverse array of contacts.
  • You must be a world-class individual contributor to thrive at Toptal. You will not be here just to tell other people what to do.
For Toptal Use Only: #individualcontributorEurope #LI-SP1 #LI-REMOTE

Who You Will Work With

Ismael Peinado

Ismael Peinado

Chief Technology Officer

As Toptal's Chief Technology Officer, Ismael leads the company's engineering organization, driving process and culture to ensure top quality delivery from our team of world-class engineers. Ismael was formerly the CEO and Co-Founder of Blue4, a distributed media system used in the aerospace and entertainment industries. He leverages over twenty years’ experience in providing commercial, operational, and technical leadership for B2B, B2C, and government organizations from early-stage startup to large-high growth market leaders. Ismael has a BE and BS in Industrial Engineering from the Universidad de Málaga.

Emiliano Ritiro

Emiliano Ritiro

Director of Engineering

As one of Toptal's Directors of Engineering, Emiliano is responsible for all new development and maintenance related to Toptal's Infrastructure, Continuous Integration, Security Operations, and Help desk. Emiliano has a lean, product-first mentality. He has led the development of software for enterprises and startups, including Deloitte, Bago, and Virgin. Emiliano has a Master's in Computer Engineering from the University of Buenos Aires.

View the Whole Team

Working at Toptal

We're changing the way the world works. Toptal is not only a place to progress your career and design your own lifestyle, but also a company where you'll learn how to develop innovations that push business and technology forward.
Toptal Careers

Think you’re a fit? Apply below:

Browse
By submitting your application, you are agreeing to Toptal’s Terms of Service, Privacy Policy, and Cookie Policy. Toptal may record your interview for quality assurance and training purposes.
Interested in joining our global talent network?
Apply as a Freelancer  
Quote author

Agency to create real impact, co-workers who support and challenge you, a work environment designed for high performers, and a powerful mission that seeks to change the future of work; I never thought I would find a company that had them all. I am so glad I made the decision to join Toptal.

Kimberly Hall

VP of Customer Operations

 Thank you for applying to Toptal! Your application has been successfully submitted.

Trending Now on Toptal Insights

Toxic Communication in Virtual Workspaces: A Looming Liability for Remote and Hybrid Companies

By Jeffrey Gangemi

5 Lessons From Fast-growing Tech, Energy, and Fintech Companies

By KJ Bannan

The Personal Finance of Career Independence

By Erik Stettler
Read more Toptal Insights