Job Specifications
Olo is a leading SaaS platform accelerating digital transformation in the restaurant industry, by helping customers deliver more personalized and profitable guest experiences. As a result, our digital ordering, payment, and guest engagement solutions enable brands to do more with less and make every guest feel like a regular.
As Senior Security Engineer, you will help Olo reduce identified risks, respond to adversarial attacks while maintaining the up-time of our systems, and implement the right strategic risk mitigation measures to safeguard the data of our clients and their customers while supporting innovation. You will also provide white glove service and support to internal and external stakeholders by addressing security questions and support issues as needed, and by mentoring other engineers in how to best provide support. Additionally, you will help in the identification and prioritization of future project initiatives based on risk, and execute on cross-functional projects with a high degree of ownership and excellence, all while actively mentoring other team members and elevating the collective team’s capabilities and skill sets through peering and informal training.
This position is fully remote and allows you to work from anywhere within Northern Ireland.
What You'll Do
Lead improvements in detection and response capabilities, continuously optimizing monitoring, alerting, and incident response processes
Mentor junior and mid-level engineers, setting a high standard in security practices and offering guidance for professional development
Participate actively in a 24/7 on-call rotation, responding to escalated security incidents and coordinating effective resolutions
Demonstrate excellence in white-glove service delivery, ensuring security incidents are managed thoroughly and with professionalism
Define and collaborate on implementing leading security practices, ensuring strategies align with organizational security goals and industry standards
Take ownership of security project execution, prioritizing tasks and aligning initiatives with team and company objectives
Use and optimize advanced security tools, including SIEMs and vulnerability scanners, to enhance detection, logging, and analysis capabilities
Conduct regular and detailed vulnerability assessments, identifying gaps in security controls and implementing mitigation strategies
Support compliance efforts, ensuring documentation, audits, and regulatory standards are met to maintain certifications and adherence to best practices
Collaborate with cross-functional teams, including development and IT, to integrate security best practices within architectural frameworks
Lead security awareness initiatives, educating technical teams on advanced security topics and secure coding practices
Stay informed on emerging security threats and technologies, continuously evaluating and integrating relevant tools or methodologies
Provide guidance for risk management processes, helping to establish and maintain effective risk identification and mitigation protocols
Develop and document security processes and procedures, ensuring consistency and readiness for both routine and high-stress security incidents
Support leadership with reporting by providing insights and data on incidents, vulnerabilities, project progress, and metrics to inform security decisions
Lead automation and process optimization efforts by developing scripts and tools to automate repetitive security tasks as well as to enhance detection and response capabilities through the use of automation and integration of security tools
What We'll Expect From You
Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent security experience)
3+ years of experience in security engineering and operations, including extensive experience in blue team operations, security architecture, DevOps, and general operations
Deep knowledge of information technology, evolving threats, attack patterns, incident response, and cybersecurity standards
Proven ability to develop and lead incident response, including remediation, mitigation, and regular status updates and reporting
Skilled in security event evaluation, discerning legitimate security incidents from false positives, incident investigation, countermeasures, and impact monitoring
Strong understanding of operating system, networking, and application hardening for Windows, macOS, and Linux, including virtualization security
Experience deploying, maintaining, and administering security technologies like IDS, DLP, FIM, firewalls, SIEM, MFA, vulnerability assessment tools, web proxies, and WAFs
Experience with cloud providers and Infrastructure as Code (IaC) tools, such as Terraform, Ansible, or CloudFormation
Proficiency in AWS security best practices
Skills in automation, development, or scripting for enhanced security operations
Advanced knowledge of Application Security, modern web protocols, and Web Application Firewall