Deeper Context Security Ops
SecOps Roles @ Babylon

As we work to leverage cutting edge technologies to change the future of healthcare, we need exceptional people to protect Babylon’s critical infrastructure, services and customers.

So, we’re tripling 🚀 our SecOps tribe and have a number of new growth roles across Vulnerability Management, SIEM Ops & Detection Monitoring, Incident Response, and Threat Intel & Hunting.

Security Incident Manager
ENGLAND or REMOTE

You will be responsible for leading the company's response to cyber security incidents. Partnering closely with various functions across the organization and leadership, you will coordinate activities related to containing and remediating information security incidents, playing an integral role in defending against adversarial activity.

WHAT YOU’LL WORK ON
You will manage the day-to-day operations of the global cybersecurity incident response function
You will lead the incident response process from detection through containment and eradication
You will strive to mature Babylon's Incident Response program, including the enhancement and development of policies, procedures and processes
You will establish and operationalize KPIs, reporting and metrics to track the maturity of the IR program
You will train and mentor staff on the incident response process
As part of a dedicated team, you will participate in an on-call rotation
WHAT WE’RE LOOKING FOR
3+ years of experience working with cybersecurity incident response/incident management teams
Excellent project management, problem solving, and communication skills with the ability to execute under a high degree of urgency
Relevant (Preferred) Certifications: SANS GIAC, OSCP, CISSP, etc.
Experience in Incident Management
Demonstrated experience with tracking tools such as JIRA, ServiceNow etc.
Must be technically literate and be able to articulate technical issues in a meaningful way to both technical resources and management.
Cloud Incident Response Experience preferred
Agile and Scrum methodology experience

Lead Cyber Incident Responder (Remote)
AUSTIN, TEXAS or REMOTE

You will be a key figure in a growing team planning, preparing, hunting and, most importantly, responding to cybersecurity incidents. This role will develop and leverage response strategies across network, endpoint, email, identity and cloud, playing an integral role in defending against adversarial activity.

WHAT YOU’LL WORK ON
You will strive to mature Babylon's Incident Response program
You will lead end-to-end incident response investigations to include triage, containment, eradication, and recovery of threats
You will leverage intelligence and curiosity to perform proactive threat hunting and partner with content development to resolve gaps not detected via traditional security tools.
You will conduct host forensics, network forensics, log analysis, and malware analysis in support of incident response investigations
You will support the maturity of Incident Response policies, procedures and processes
You will mentor and develop junior team members
As part of a dedicated team, you will participate in an on-call rotation
WHAT WE’RE LOOKING FOR
7+ years of industry experience, with direct experience in incident response and security operations (GIAC/SANS, OSCP, or related certifications preferred)
Experience responding to cyber security incidents within on-prem and cloud infrastructure and applications (AWS, Azure, GCP, SaaS, etc.)
Specialization in network forensics, endpoint forensics (live response, digital forensics) and log analysis (SIEM)
Deep understanding of threat and analytical models (Kill Chain, ATT&CK, etc.)
Deep understanding of operating systems, including Windows, Linux and macOS
Deep understanding of, and experience using, cybersecurity operations, security monitoring, endpoint (EDR), network (IDS/IPS), DLP and SIEM tools

Senior Threat & Vulnerability Management Analyst
AUSTIN, TEXAS or REMOTE

You will ensure continuous vulnerability lifecycle management within the Babylon environment including monitoring, governance, prioritization and assessing vulnerabilities. Paramount to the program’s success, you will develop strong partnerships with cloud, infrastructure and engineering teams to provide strategy and prioritization to control and remediate vulnerabilities in the environment.

WHAT YOU’LL WORK ON
You are the champion for vulnerability management including broadening awareness, mentoring, and educating fellow Babylonians on best practices
You will support Babylon's digital-first mission by enhancing capabilities to identify, report, assess, prioritize and remediate vulnerabilities
You will establish Key Performance Indicators, reporting and metrics to track the maturity of the VM program
You will leverage vulnerability scanning technologies to evaluate the security posture of information systems and applications
You will strive for operational excellence through the development of enterprise policy and technical standards regarding vulnerability management
WHAT WE’RE LOOKING FOR
Minimum five years of professional information security experience
Ability to document and explain technical details in a clear and concise manner
Relevant (Preferred) Certifications: SANS GIAC, OSCP etc.
Strong understanding and familiarity with web application and/or OS-level vulnerabilities (OWASP, CVE)
Previous experience with vulnerability management tools (Qualys, Rapid7, etc.) operating in an enterprise-level Vulnerability Management program
Fundamental understanding of operating systems, including Windows, Linux and macOS
Experience working in a cloud-native environment (AWS, GCP, Kubernetes)

Senior Threat Detection Engineer (Splunk)
AUSTIN, TEXAS or REMOTE

You are the pioneer for Babylon's SIEM environment, owning SIEM strategy, data onboarding, automation, and the development and tuning of cyber detection capabilities. You will be the SME for all things Splunk and for security monitoring capabilities.

WHAT YOU’LL WORK ON
You will drive the onboarding of new application and platform logs, partnering with technology engineering teams
You will strive to continuously innovate capabilities to detect cybersecurity threats & integrate into the SOC.
You will automate tirelessly to empower fellow SOC Babylonians
You will provide mentorship for candidates looking to dive into security content development
You will ensure operational excellence through robust documentation to support SIEM platform
As part of a dedicated team, participation in an on-call rotation may be required.
WHAT WE’RE LOOKING FOR
Experience working on large deployments of Splunk Cloud and Enterprise Security
Hands-on experience onboarding data to Splunk
Experience developing threat detection use cases in Splunk with SPL
Splunk Certifications in any of the following: Certified Admin, Certified Architect, or Enterprise Security Certified Admin
Experience with a Unix/Linux scripting language (e.g. Python)
Proven experience as a SOC Analyst, Security Content Developer and/or Security Engineer
Experience working in a cloud-native environment (AWS, GCP, Kubernetes, SaaS)