Security Operations Engineer protecting Notion’s systems and users by investigating and responding to security events. Collaborating with a global team to enhance security processes and protocols.
Responsibilities
You will help monitor, investigate, and respond to security events across Notion’s cloud-native and SaaS-focused environment.
You will mentor and lead an expanded cast of security engineers in Hyderabad, including the planned hiring and onboarding of additional Security Engineers.
Investigate and respond to security alerts end-to-end, including triage, scoping, containment, remediation, and documentation.
Support incident response efforts, working with cross-functional partners to investigate and resolve security incidents.
Improve operational processes and documentation, including runbooks, playbooks, and investigation procedures, to enable consistent execution across a growing team.
Requirements
7+ years of experience in security operations, incident response, detection engineering, or a related security role, including experience acting as a technical lead or mentor for other security engineers.
Experience triaging and investigating alerts across SIEM, EDR, and cloud-native platforms.
Familiarity with detection development and tuning, including rule logic and false-positive reduction.
Working knowledge of attacker TTPs and frameworks such as MITRE ATT&CK, and how to detect them using available telemetry.
Experience with scripting or automation (e.g., Python, Bash) to streamline investigations or improve analyst workflows.
Familiarity with detection logic or query languages such as Sigma, KQL, Splunk SPL, YAML, or YARA.
Understanding of the incident response lifecycle, including investigation, containment, eradication, recovery, and lessons learned.
Experience supporting real-world security investigations and documenting findings.
Ability to collaborate effectively with partners across Security, IT, and Engineering, and provide technical guidance during incidents.
Familiarity with cloud environments (e.g., AWS, GCP, Azure) and common security risks.
Experience investigating identity and access activity in systems such as Okta, Google Workspace, or cloud IAM platforms.
Comfort working with logs from diverse sources, including authentication, endpoint, and infrastructure systems.
Clear and thoughtful communicator who can explain technical issues to varied audiences.
Strong documentation skills to support consistent, repeatable incident handling.
Comfortable working across teams to solve complex security problems.
Benefits
In-person collaboration is essential to Notion's culture.
We require all team members to work from our offices on Mondays, Tuesdays, and Thursdays, our designated Anchor Days. Certain teams or positions may require additional in-office workdays.
Participate in a 24/7 on-call rotation, responding to security alerts and incidents as part of a shared team responsibility.
Provide hands-on coaching and technical guidance to less-experienced responders through investigation reviews, pairing, and real-time incident support.
Notion is proud to be an equal opportunity employer. We do not discriminate in hiring or any employment decision based on race, color, religion, national origin, age, sex (including pregnancy, childbirth, or related medical conditions), marital status, ancestry, physical or mental disability, genetic information, veteran status, gender identity or expression, sexual orientation, or other applicable legally protected characteristic. Notion considers qualified applicants with criminal histories, consistent with applicable federal, state and local law. Notion is also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation made due to a disability, please let your recruiter know.
We hire talented and passionate people from a variety of backgrounds because we want our global employee base to represent the wide diversity of our customers.
Job title
Security Operations Engineer, Detection and Response Team