WHO WE ARE
One third of the world’s food goes to waste. Which means all the water, energy, and greenhouse gases used to produce that food is wasted with it. This is a problem with a $990 billion price tag for the food industry and an even bigger one for the planet. But we believe the solution is simple.
What if we could eliminate waste by better balancing the supply and demand of food?
Zume uses predictive analytics and real-time food consumption data to predict customer demand, match it with production, and enable food companies to make smarter decisions across the food supply chain.
By connecting all the pieces of the food supply chain, we enable our partners to make better decisions for their business, their customers, and the planet we all call home.
We’re tackling some of the world’s biggest problems, and we need your help to solve them. If you want to take on something different in your career, we’d love to meet you.
WHAT YOU'LL DO
This is role that has a strong bias for action - only self-starters and drivers need apply. This role will focus on implementing monitoring and reporting systems, incident response protocols, security design reviews, and providing guidance to engineering and project teams on the implementation of security controls in Zume’s operating environments. You will have a passion for performance, a balanced view of cost versus benefit, and above all else have a driving desire to keep Zume secure while maintaining the very highest standards in customer service. The right candidate will identify and scale out the team as the need arises, while leveraging vendors and internal partners in the interim. This role will have a strong emphasis on Incident Response (IR), and will be tasked to optimize and scale out a security event collection, aggregation and analysis capabilities. We’re seeking someone with security and service engineering expertise and passion to help us build best-in-class incident response capabilities inside of Zume. This role will grow to be a management position.
Specific work includes:
- Specify new security controls needed to reduce risks identified from security reviews and threat modelling exercises or from security incidents and specify these new controls as requirements to be added the organization’s SDL process.
- Tailor and tune data collection for cloud-based assets, from the operating system plane to the application and service planes
- Conduct and coordinate security monitoring agent deployments and upgrades in conjunction with the customer change management policies and procedures with due diligence
- Engineer, implement, improve, and operate healthy state of data collection, monitoring, and alerting systems
- Evaluate security risks, threat intelligence, and develop strategies and tactics to defend against evolving threat patterns
- Create technical documentation such as case records, troubleshoot guides, standard operational procedures (SOPs), technical support guides (TSGs), and prep frequently asked questions.
EXPERIENCE & SKILLS
- Experience as an incident response security analyst at triaging, investigating, correlating, tagging severity and assigning IT tickets to service engineers.
- Experience using common security operations technologies including Vulnerability Scanners, Intrusion Detection Systems (IDS), Security Incident Event Management systems (SIEM), anti-virus log collection systems, etc.
- Experience performing forensics analysis on Cloud infrastructure platforms
- Excellent interpersonal and group dynamic skills, an inclusive person with a passion to help others succeed.
- Bachelor's degree in Computer Science, Engineering, Technical Science or equivalent years of work experience
- 10+ years experience driving the implementation, configuration, customization of enterprise security controls; 5+ years for cloud controls in one of the major providers; Demonstrable, hands on experience with GCP and accompanying controls
- Demonstrated technical management skills
- Experience with security monitoring with GCP
- Regulatory experience with ISO 27001 series, Sarbanes Oxley, and Payment Card Industry control implementation
- Previous role as Security Engineering Manager
MINIMUM EDUCATION REQUIREMENT FOR THE POSITION OFFERED
- Bachelor’s Degree or master's degree (Masters degree highly preferred) in Computer Science/Engineering or equivalent
- Willing to travel 25%
WHAT WE OFFER
- 100% company-paid Medical, Dental, and Vision and 75% for you and your dependents
- Flexible Time Off
- Daily catered lunch
- Free and discounted pizza!
- The opportunity to work with an incredibly supportive team of thinkers and innovators
Zume provides equal employment opportunity to all individuals regardless of their race, color, creed, religion, gender, age, sexual orientation, national origin, disability, veteran status, or any other characteristic protected by state, federal, or local law. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.