Make Your Mark :

Reporting to the Senior Director of Information Security, the Senior Information Security Engineer will play a lead role in executing security strategy and consulting on best-in-class security architecture and security posture for BlackLine.

In this role you will provide on-call duties, manage/triage ticket queues, review access requests, review architecture, implement security solutions, collaborate with cross-functional teams, perform vulnerability management functions, and execute the evolution of Blacklines Enterprise Information Security components.

You'll Get To :

- Enhance and maintain BlackLines risk framework.

- Define effective information security standards, processes, and procedures.

- Secure and protect internal AI systems.

- AI-Enhanced Security Operations (Integrating AI into SOAR and SIEM platforms).

- Perform security assessments and penetration tests.

- Participate in on-call rotations.

- Administer security tools and technologies.

- Evaluate, recommend, and deploy security tools and technologies.

- Collect and analyze systems/application security logs.

- Monitor industry trends and threat landscape and recommend necessary controls or countermeasures.

- Ensure compliance with internal policies/standards and regulatory requirements.

- Respond to security incidents; perform forensics activities and root cause analyses.

- Perform other duties as assigned.

What You'll Bring :

- 5+ years of hands-on information security experience.

- 3 years of experience managing Web Application Firewalls (WAF).

- Experience managing SIEM/SOAR systems.

- Hands-on experience with securing AI systems and LLMs.

- Experience in securing Kubernetes and containers.

- Expertise in Windows and IIS.

- Working knowledge of Linux/Unix (advanced Linux skills are a big plus).

- Working knowledge of network security -thorough understanding of the OSI model and comprehensive knowledge of common protocols and services for levels 3 through 7.

- Proven track record of effectively supporting commonly used information security tools and processes (e.: patch management, log management, malware management, web filtering, firewalls, proxies, APT, IDS, DLP, HIDS/NIDS, network access control, threat and vulnerability management).

- Experience supporting high-volume, high-availability web-facing environments.

- Wireless security and mobile devices management.

- Knowledge of encryption algorithms and related technologies, secure communications, SSL, PKI.

- Functional's kills in at least one scripting language (e.: Perl, Python).

- Working knowledge of WMI and WSH.

- Solid knowledge of common vulnerabilities and exploitation techniques (e.: SQL injection, buffer overflows).