Senior Security Engineer Cyber Threat Response

Pune, Maharashtra, India

Job Description

Company Description
At Xplor, we believe that helping people make the most of each day is the most rewarding way to spend ours. We give small and medium-sized businesses cloud-based, intuitive technology solutions that enable them to manage all the hassles of running and growing a business, so business owners can get back to doing what they love. With Xplor Pay, we help businesses get paid quickly and securely – without hidden fees. We built the tech ourselves, and our platform delivers secure, transparent, fast, and accurate payments. We are unified by our purpose of helping people to succeed. So, when you become part of our team, you also become part of the personal connection that strengthens the relationship people have with Xplor products.


About the opportunity
Join our Central Technology Team to make a real impact every day. We say that because we know that every line of code we write, every interface we design and every conversation we have is another opportunity for us to enrich our customers’ experiences. Our Security Engineers (CTR) are the front line for the security of our platforms and applications. The role prepares for, and responds to, security events and incidents across our systems.
*** MUST HAVE MICROSOFT/AZURE SENTINEL EXPERIENCE ***
Some of the other responsibilities include:

  • Preserve the confidentiality, integrity and availability of our information so that it can be safely shared and used to drive our growth and innovation, enabling information confidence.
  • Mitigate the business loss arising from security issues by understanding security risk, monitoring for threats and responding to events appropriately within agreed hours.
  • Integrate with our other security functions to ensure that known attack patterns are covered by our defenses.
  • Improve the signal-to-noise ratio of alerts and develop incident response workflows that can be automated.
  • Perform security monitoring gap analysis using the MITRE ATT&CK framework, and build the corresponding process/framework for continuous evaluation and for increasing detection coverage.
  • Work collaboratively as part of the Cyber Threat Response team during incident response, event monitoring, and threat-hunting activities.
  • Threat intelligence analysis, response and summary.
  • Cyber threat analysis support and research, recommending appropriate remediation and mitigation.
  • Deep understanding of several of the following fields: email security (including PDF and document analysis), digital media forensics, monitoring and detection, incident response, vulnerability assessment, penetration testing, cyber intelligence analysis, and network analysis.
  • Trending and correlation of monitored events to build new Indicators of Compromise (IOCs), support attack attribution, and help establish countermeasures that increase cyber resiliency.
  • Identification of advanced cyber threat activity; Endpoint Detection and Response (EDR), intrusion detection, incident response, malware analysis, and security content development (e.g., signatures, rules, etc.).
  • Being flexible to work through incidents as needed.
About our Central Technology team
At Xplor, we have many different products and technologies. We have evolved from a bunch of start-ups to a single company with over 700 Xplorers who work in our CT team as one team across the world. You can find everything from super modern to older languages. We continue to iterate on our processes and technologies to find common ground between the different projects and products we have. With this, we rely heavily on our engineers to be dynamic. Xplor is not the company (yet) where you’ll always have well-defined requirements and rigid processes. Our Engineers have a lot of input into the process and requirements. However, there can be challenges and ambiguity you as an Engineer have to overcome – and we know that’s not for everyone. The positive side of this is that you get to have a lot of say and ownership in the product and the process.

Qualifications
What would make me a good candidate?
We are looking for people who want to make a difference in Security. Required qualifications for this role:
  • 3–6 years’ experience in Security Operations
  • Ability to guide less experienced team members during incident management
  • Ability to manage Security Incidents through the Incident Handling process.
  • Intermediate-level understanding of ATP, EDR, API security and identity management.
  • Security incident response and triage, with the ability to perform root cause analysis. Sound understanding of different log sources and event correlation.
  • Security use-case development and fine-tuning based on the requirements (hands-on experience with Microsoft Sentinel/Kusto Query language preferred).
  • Developing incident response plans and working with team to contain identified threats.
  • Tuning threat detection to minimize noise and amplify the signal.
  • Design of new SOC workflows/metrics, reports, dashboards and processes to improve SOC scalability and efficiency.
  • Maintaining proficiency by following the latest trends and developments in cyber security.
  • Perform security automation to solve security use cases within the organization and continually improve threat detection capability and accuracy.
  • Advanced-level domain knowledge of cyber security, threat hunting (active hunting on network flow, user behavior and threat intelligence), SIEM (Azure Sentinel), the ability to comprehend logs (HTTP, SMTP, network), Windows Active Directory, operating systems and servers.
  • Well-versed in different attack vectors/TTPs and able to simulate non-invasive attacks as needed.
  • Ability to design and implement new approaches for detecting attacks and effective containment techniques, including scripting, analytics, and automation.
  • Experience working with a selection of SIEM, TIP, malware analysis, and multiple sources of threat intelligence to properly categorize suspicious behavior.
  • The ability to communicate complicated technical issues and the risks they pose to developers, network engineers, system administrators, and management.
  • Excellent written and verbal communication skills, interpersonal and collaborative skills.
  • Must be a critical thinker, with strong problem-solving skills.
  • Ability to work independently, enjoys learning, and stays current with industry developments, regulations, and best practices.
  • Preferred Security certifications such as GCIH, AZ-500 & AZ-900, SC-100/SC-200
  • Hands-on experience with SIEM/SOAR in the analysis of and/or response to information security threats or incidents.
  • Experience performing health checks, tuning and optimization, and integrating log sources into SIEM/SOAR technologies.
  • Install, configure, build and fine-tune the SIEM/SOAR tools to set up an effective information security support/operation.
  • Establish KPIs, review and manage security logs, and provide reports based on KPIs and metrics.
  • Hands-on knowledge of correlation rule creation, update and deletion.
  • Good understanding of ITIL processes, ISO/PCI DSS, including Change Management, Incident Management, and Problem Management.
Desired Qualifications:
  • Experience working with Jupyter Notebooks for threat hunting planning
  • Knowledge of Python, PowerShell
At Xplor, we believe that the best innovation and ideas happen at the intersections of our differences - people of diverse cultures, generations, disciplines, and lived experiences. So even if you think you do not tick all the boxes, we still encourage you to apply.
Additional Information
Values and Life at Xplor
Our four core values that guide us from how we hire and recognize our team members to how we interact with our customers day to day:

  • Make life simple
  • Build for people
  • Move with purpose
  • Create lasting communities

If these values sound like you, and describe people you want to work with, you will thrive at Xplor. As an Xplorer, you will be part of a global network of talented colleagues who will support your success. We look for commonalities and shared passions and give people the tools they need to deliver great work and grow at speed.

Ready to apply? To start your application, please submit your resume and we will be in touch as soon as we can. Please include the word "moonshot" at the top of your message to the Hiring Manager so that we know you took the time to read our job ad.

We understand that diverse candidates have diverse needs. We welcome you to inform us of any additional needs related to completing your job application or participating in the interview process, via talent@xplortechnologies.com.

More about us
Xplor Technologies is a global platform integrating SaaS solutions, embedded payments, and Commerce Accelerating Technologies to help businesses succeed. Xplor provides enterprise-grade SaaS solutions for businesses in “everyday life” verticals: Childcare & Education; Fitness & Wellbeing, Field Services and Personal Services – and a global cloud-based payment processing platform. Xplor Technologies serves over 78,000 customers that processed over $36 billion in payments, operating across 20 markets in 2022.

Good to know
To learn more about us and our products, please visit www.xplortechnologies.com/us/careers. We also invite you to check out our Candidate FAQs for more information about our recruitment process: www.xplortechnologies.com/us/recruitment-faqs. Xplor is committed to providing equal opportunities in employment and creating an inclusive work environment. We provide equal opportunities to all our employees and to all eligible applicants for employment in our company. We do not unfairly discriminate on any ground, including race, caste, religion, color, ancestry, marital status, gender, sexual orientation, age, nationality, ethnic origin, disability or any other category protected by applicable law. We are a 2023 Circle Back Initiative Employer – we commit to respond to every applicant.

Job Detail

  • Job Id: JD3149020
  • Industry: Not mentioned
  • Total Positions: 1
  • Job Type: Full Time
  • Salary: Not mentioned
  • Employment Status: Permanent
  • Job Location: Pune, Maharashtra, India
  • Education: Not mentioned