Security Operations Lead
Cue Health (Nasdaq: HLTH) is a mission-driven healthcare technology company that puts consumers in control of their health information and places diagnostic information at the center of care. Cue Health enables people to manage their health through real-time, actionable, and connected health information, offering individuals and their healthcare providers easy access to lab-quality diagnostics anywhere, anytime, in a device that fits in the palm of the hand. Cue Health’s first-of-its-kind COVID-19 test was the first FDA-authorized molecular diagnostic test for at-home and over-the-counter use without physician supervision. Outside the United States, Cue Health has received the CE mark in the European Union, Interim Order authorization from Health Canada, and regulatory approval from India’s Central Drugs Standard Control Organisation. Cue Health was founded in 2010 and is headquartered in San Diego. For more information, please visit www.cuehealth.com.
Cue Health Inc. is seeking to hire a full-time Security Operations Lead. The ideal candidate will have experience in infrastructure security, security operation centers (SOC), and have working knowledge and experience in managing core functions of the Managed Detection & Response (MDR) team.
Lead Cue Health’s SOC team and lead the BAU support for the MDR, SIEM, SOAR, DLP, Email Security, Endpoint Security Service, Security Incident Management and Cyber Threat.
Provide technical solutions, customization and tuning, automation, and use case development for different SIEM solutions.
Guide team in performing incident investigations and responses to incidents.
Facilitate deep-dive analysis and team trainings.
Collaborate with various internal teams such as DevOps, Software, IT, Legal, and Safety to improve Cloud security posture.
Provide technical guidance to the team members and establish a roadmap that sets long- and short-term goals.
Collaborate with multiple stakeholder teams including the SOC, Threat Modeling & Hunting Teams.
Create strategies, technical plans, and architectures and present them to technical and executive leadership audiences as required.
Continuously improve threat detection capabilities, use cases and playbooks.
Mentor and guide the detection engineering team and plan training activities.
Employ best practices to identify, analyze, and support all incidents that are either impactful or potentially impactful to the business, the brand, and/or employees.
Serve as a subject matter expert for the security systems and applications used within the SOC.
As a SOC Lead, guide the team to investigate alerts generated by differing data sources including SIEMs, EDR solutions, and cloud-based security offerings.
Perform investigations to gather the information necessary for determining follow-on actions.
Lead threat hunting and investigations into potential threats based on log data and provide results of analysis to management.
Perform trend analysis of security log data from a wide range of security devices.
Coordinate and implement security operations center training and evaluations designed to ensure adequate and high-quality staffing levels are maintained, together with the OEM providing SOC-as-a-Service.
Provide oversight and guidance to the SOC during emergency response situations.
Coordinate with SOC analysts and the CrowdStrike managed service team to identify potential risks and issues within Cue's infrastructure.
Address information security incidents, including phishing, information theft, misuse of data, intrusions, hostile probes, and malicious software.
Bachelor’s degree in Information Technology, Engineering or related field.
Minimum of 6 years of GSOC/Security Operations Center experience.
Minimum of 2 years of experience in leading a Security Operations Team.
Expert understanding of Threat Assessment, Proactive Threat Hunting with various Security tools.
Expert understanding of the full cyber threat/attack lifecycle, including attack vectors, methods, and TTPs.
Expert Knowledge in Netskope, Qualys, CrowdStrike, and Proofpoint.
Experience with SaaS applications and Azure, GCP, and AWS cloud technologies.
Experience with Firewalls, Proxy, and IDS/IPS.
Working experience with CrowdStrike Falcon, Qualys, Google Chronicle, Splunk, IBM QRadar, Datadog, and Netskope.
Good understanding of NIST CSF, MITRE, SANS, and other Cyber Security Frameworks.
Must have the ability to develop and write clear and concise emails, memos, and incident reports for company stakeholders and senior leadership.
Flexibility to work 24x7 shifts.
Current industry-recognized information security certification(s), such as CISM, OSCP, Security+, CEH, GIAC GSEC/GCIH, SSCP, or CISSP.
Environment and Physical Activities/Requirements:
You will work in an indoor office environment for which no adverse conditions are expected. This position requires the following physical activities and/or requirements:
Remaining in a stationary or sedentary position, often standing and/or sitting for prolonged periods of time
Repeating motions, such as keyboarding, that may include the wrists, hands, and/or fingers
Communicating with others to exchange information
Adjusting, moving, carrying, lifting, pushing or pulling objects up to 20 pounds
Your contribution will set the pace and have an impact in the technology, health, and diagnostic industry. Your work and ideas will be valued and respected, and we hope you will find enjoyment working with a collaborative team on an innovative device. We offer upgraded computer equipment, and a competitive salary.
Cue Health Inc. is an equal opportunity employer, consistent with applicable laws. Individuals seeking employment are considered without regards to race, color, religion (including religious accommodations), creed, sex (including pregnancy, childbirth and related medical conditions), gender (including gender identity and expression), sexual orientation, marital status, national origin (including language use restrictions), ancestry, mental and/or physical disability, medical condition (cancer, genetic information and characteristics, requests for medical and family care leave), age, military or veteran status, and any other classification protected by applicable federal, state, and local laws.