Job Description
- Bengaluru, Karnataka, India
About Chargebee:
Chargebee is a subscription billing and revenue management platform powering some of the fastest-growing brands around the world today, including Calendly, Hopin, Pret-a-Manger, Freshworks, Okta, Study.com and others. Thousands of SaaS and subscription-first businesses process billions of dollars in revenue every year through the Chargebee platform.
Headquartered in San Francisco, USA, our 500+ team members work remotely throughout the world, including India, the Netherlands, Paris, Spain, Australia, and the USA.
Chargebee has raised over $480 million in capital and is funded by Accel, Tiger Global, Insight Partners, Steadview Capital, and Sapphire Ventures. And we’re on a mission to push the boundaries of subscription revenue operations. Not just ours, but every customer and prospective business on a recurring revenue model.
Our team builds high-quality and innovative software to enable our customers to grow their revenues powered by the state-of-the-art subscription management platform.
Job Summary:
You will be operating at a cross-section of cutting-edge tech transformation on an AWS & Azure stack. The role entails a deep understanding of running a security operations center in a Macintosh & cloud-native ecosystem, with globally distributed teams operating 24x7. The primary focus is on optimizing incident response & increasing cyber resilience. This is an opportunity to build and lead a highly efficient cyber security incident response team operating 24x7 and covering 4 critical layers: IT, Identity, Cloud Infrastructure & Product. The role will serve as a technical leader, working together with the team to enhance the cyber resilience of Chargebee's product offerings.
You will be partnering with colleagues in the product engineering, business, infrastructure & GRC organizations to build Chargebee's response & recovery muscle. You will also have the opportunity to engineer & integrate new sources to improve detection efficiency, while managing a small team of skilled SOC Analysts.
Role & Responsibility:
Cloud Security:
- Design, implement, and maintain preventive and detective controls within our AWS Organization using Detective, GuardDuty, Config, Inspector, and other relevant services.
- Define and enforce security policies and procedures for access control, resource usage, and compliance within AWS.
- Conduct regular security assessments and vulnerability scans to identify and mitigate potential threats.
- Respond to security incidents efficiently and effectively, following established incident response procedures.
SOC Engineering:
- Continuously scout for sources of detection and integrate new sources with SOC.
- Critically examine the relevance of logs & their value to incident response.
- Enrich existing alerts & reduce false-positive alerts.
- Regular maintenance of SOC infrastructure & its cost management.
- Play a pivotal role in making opinionated tooling decisions.
SOC Operations:
- Manage and operate our SIEM platform, ensuring efficient log collection, correlation, and aggregation.
- Conduct proactive threat hunting to identify and respond to potential security incidents early.
- Analyze security logs and generate reports to identify trends and improve security posture.
- Own & maintain the incident ticketing tool to log all security incidents.
- Governance, tracking & measuring of SOC ops through KPIs.
- Collaborate with product engineering, program management, Legal, Privacy and GRC teams to know the key stakeholders required during incident response.
- Build a high-performing security ops team with a high sense of accountability & the ability to make decisions in ambiguous situations.
IT Security:
- Design, implement, and maintain enterprise-grade security solutions, including EDR, DLP, email security, domain security, and attack surface management tools.
- Stay up-to-date on the latest security threats and vulnerabilities, and recommend appropriate mitigation strategies.
- Configure and manage perimeter security solutions like WAFs.
Ops Management:
- Cost Management: Keep a handle on the approved budget, run rate, etc., and efficiently manage the unit economics of operations.
- Partner Management: Actively engage with managed services partners on quality of services, SLA adherence & overall delivery of services.
Automation:
- Lead automation initiatives within SOC to simplify reporting, dashboarding & reduce Ops fatigue.
Culture:
- Champion adoption of Agile practices with the Security team.
- Enhance product IQ within all members of the SOC team.
- Mentor & coach SOC analysts and help them in career progression.
Must Haves:
- 7+ years of experience in infrastructure engineering & security ops in a global setting, preferably in the financial or payments domain.
- Excellent scripting & querying skills, especially on Splunk & ELK.
- Good knowledge of Python, PowerShell & AWS security services.
- Experience building perimeter protection using AWS WAF, Cloudflare, Akamai, etc.
- Experience building enterprise logging management systems using Splunk, ELK, Palantir, etc.
- Extensive experience adopting IaC (infrastructure as code) using AWS CloudFormation templates, Terraform, etc., and building security monitoring gates to identify deviations.
- Excellent communication skills, both verbal and written; ability to condense complicated scenarios into simple, risk-based assessments
- Effective team player with experience coaching and supporting junior team members
Nice to haves:
- Cloud-specific accreditations like AWS Solutions Architect, DevOps Engineer, Azure Solutions Architect, etc.
- Security-specific certifications like GIAC, CISSP, CCSP, CISM, etc.
- Experience building testing automation using modern testing tools like GitHub Advanced Security, Snyk, etc.
Skills and Experience:
- 7+ years of experience in infrastructure security and risk analysis techniques, or related fields such as software engineering and architecture
- Domain experience in payment tech / fintech / banking is a plus.