Tribeca Venture PartnersRemote
Senior Engineer, Security Operations
United States of America
Full Time
5 hours ago
Visa Sponsor
Key skills
Security frameworks NIST CSFSecurity frameworks ISO 27001Security frameworks CIS ControlsCloud securityAWSGCPAgentic AIGenerative AIAdversarial AI/ML techniquesMITRE ATLAS frameworkCASBDLPSASE technologiesData security controlsLinuxKubernetesContainer securityDevOpsTCP/IP NetworkingAIMLAgenticAnalyticsEC2LambdaS3RDSSaaSAgileLeadershipProject ManagementCommunicationCloud SecurityZero Trust
About this role
Tribeca Venture Partners is seeking a Senior Operations Engineer responsible for enhancing the security posture of ACV Auctions. This role involves leading threat hunting initiatives, developing detection logic, and overseeing incident management to strengthen cybersecurity operations.
Responsibilities:
- Lead proactive, hypothesis-driven threat hunting across endpoint, cloud, and identity environments
- Develop and refine detection logic, correlation rules, and behavioral analytics within SIEM and EDR platforms
- Map adversary tactics, techniques, and procedures (TTPs) to MITRE ATT&CK to improve detection coverage
- Analyze threat intelligence and emerging attack patterns to strengthen defenses
- Lead and scale cybersecurity operations across enterprise or multi-tenant environments
- Oversee incident triage, investigation, containment, and remediation
- Act as escalation point for high-severity incidents
- Improve alert fidelity and reduce false positives through tuning and automation
- Mature the alert and incident management tracking systems
- Standardize workflows and playbooks to ensure operational consistency
- Design and implement incident response frameworks and playbooks
- Lead response efforts for advanced threats across environments supporting up to large user bases
- Conduct root cause analysis and post-incident reviews
- Automate response actions to reduce mean time to detect/respond (MTTD/MTTR)
- Secure multi-cloud environments (AWS, GCP) through posture management and configuration monitoring
- Detection of Zero Trust principles and violations across identity and access management systems
- Strengthen controls within platforms such as, CASB and DLP solutions
- Automate workflows and security operations processes for tracking the remediations actioned against the environment
- Integrate tooling and orchestrate response using SOAR or similar platforms
- Continuously improve detection capabilities and operational efficiency
- Deliver AI enabled automations and tooling for the ACV Security Operations Center
- Deliver executive-level reporting (MBRs/QBRs) on security posture, threats, and risk
- Translate technical findings into business-relevant insights to present to external stakeholders
- Collaborate cross-functionally with IT, engineering, and leadership teams
- Perform additional duties as assigned
Requirements:
- 8+ years' experience
- Minimum of a 4 year Bachelor's degree
- Strong understanding of security frameworks and best practices (NIST CSF, ISO 27001, CIS Controls)
- Extensive experience with cloud security, with a strong focus on securing applications deployed in AWS and/or GCP environments
- Experience with modern software development including Agentic and Generative AI techniques
- Familiarity with adversarial AI/ML techniques and their protections, such as Interference attacks and others in the MITRE ATLAS framework
- Excellent communication, interpersonal, and leadership skills, with an ability to translate complex technical risks into business context for executive leadership and stakeholders
- Ability to work effectively in a remote environment and manage geographically dispersed teams
- Excellent communication, interpersonal and leadership skills, with the ability to interact with staff at all levels
- Knowledge of CASB, DLP and SASE technologies
- Proven ability to be agile and work effectively in a dynamic environment
- Demonstrated ability to perform under pressure and respond rapidly to emerging incidents and situations
- Excellent coordination, project management, and organization skills and comfortable with multi-tasking in a high-energy environment
- Should be a creative and analytical problem solver with a passion to provide excellent customer service
- Practical hands-on experience engineering and implementing data security controls in cloud environments including databases, datastores and SaaS platforms
- Linux and Kubernetes/Container management and security
- DevOps code based implementation and management
- Knowledge of AWS including but not limited to S3, Lambda, RDS, EC2 and AWS Security Center
- Understanding of TCP/IP Networking including knowledge of Protocols and Services
- Understanding of what Information or Assets are of value to Threat Actors and how Organizations are Breached and Customer Accounts Compromised
- Overall understanding of the Security domain, compliance, business, risk, ops etc ALONG with its application to the business
- Experience with Fintech companies is desirable