Samsara is a pioneer of the Connected Operations™ Cloud, dedicated to improving the safety, efficiency, and sustainability of physical operations. In this role, the Senior Security Operations Engineer I will monitor and respond to security events, lead security incidents, and conduct digital forensic investigations while collaborating with a global team to enhance security initiatives.
Responsibilities:
- Monitor security events and provide technical analysis on alerts
- Lead information security incidents and employee investigations by developing the incident response strategy, lead the execution through incident closure, while providing incident updates to key stakeholders throughout the incident
- Deliver security guidance clearly and concisely for incident response and insider threat initiatives
- Coordinate the building of services, capabilities, integrations, and implementations of technologies to support security operations, incident response, and insider threat
- Champion, role model, and embed Samsara’s cultural principles (Focus on Customer Success, Build for the Long Term, Adopt a Growth Mindset, Be Inclusive, Win as a Team) as we scale globally and across new offices
Requirements:
- 5+ years of experience in Security Incident Response
- Ability to communicate investigative findings and strategies to technical staff, executive leadership, and legal
- Ability to build scripts or tools to support Samsara's investigation processes, with proficiency in Python
- Mentor and train security operation engineers on data collection, analysis, and reporting technical analysis
- Practical experience acting as a lead during security incident response, including monitoring and triaging alerts, and coordinating across teams
- Understanding of analysis and forensics techniques on macOS, Windows, and Linux
- Experience utilizing SIEM tools to perform log reviews
- Experience in cloud architecture and security (AWS, GCP) and cloud-based services
- This role will be part of our Pacific Time Zone shift and therefore must reside in the Pacific Time Zone, Mountain Time Zone or Central Time Zone of the United States or Canada
- 3+ years of experience working on insider threat initiatives or employee investigations
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field - or relevant industry experience
- GIAC Certified Incident Handler (GCIH) Certification
- Familiarity with common security frameworks and standards, including NIST Cybersecurity Framework, ISO 27001, FedRAMP