SecOps Engineer II

About the Company 

At Torc, we have always believed that autonomous vehicle technology will transform how we travel, move freight, and do business. 
A leader in autonomous driving since 2007, Torc has spent over a decade commercializing our solutions with experienced partners. Now a part of the Daimler family, we are focused solely on developing software for automated trucks to transform how the world moves freight. 
Join us and catapult your career with the company that helped pioneer autonomous technology, and the first AV software company with the vision to partner directly with a truck manufacturer. 

Meet the Team: 

Join our growing Cybersecurity Team under our new Enterprise IT leadership. This team is responsible for developing a strategic security and risk management program, implementing security policies and procedures, and managing security technologies. As Torc continues to pave the way for the commercialization of autonomous trucking, this team will be instrumental in ensuring the security and trustworthiness of our systems.

The SecOps Engineer role offers a unique opportunity to work on the forefront of cybersecurity, contributing to the protection of our global organization and its stakeholders. As a SecOps Engineer, you will play a crucial role in identifying, analyzing, and mitigating security vulnerabilities within our systems and infrastructure. You will collaborate with cross-functional teams to continuously improve the SecOps tooling and incident response procedures, ensuring the resilience and security of our technology ecosystem.

What you'll do: 

• Manage the SecOps infrastructure to identify and mitigate threats to Torc systems.
• Produce valuable metrics and reports that show trends, tuning opportunities, and highlight potential new threats to system security.
• Collaborate with other Torc engineering teams to understand use cases and minimize false positives.
• Work closely with IT to understand the enterprise architecture and future plans for development. Make sure SecOps is prepared to adapt as our infrastructure evolves.
• Coordinate an on-call system that allows us to rotate responsibility for responding to off-hours escalations.
• Create and maintain the complete incident response plan, which includes the main policy, user procedures, and team runbooks.
• Work closely with IT to develop a vulnerability management system that provides identification of threats on a regular cadence along with prioritization for remediation.
• Develop and implement strategies for deploying patches and updates to address vulnerabilities in a timely manner.
• Maintain accurate and up-to-date documentation related to vulnerabilities, risk assessments, and remediation activities.
• Establish and maintain continuous monitoring mechanisms for vulnerabilities and provide regular reports to management and stakeholders.
• Stay informed about the latest security trends, vulnerabilities, and industry best practices to continuously improve the organization's security posture.

What you’ll need to Succeed: 

• Demonstrates competencies and skills typically achieved through the completion of a bachelor’s degree in Cybersecurity, Information Technology, or a related field.
• Proven experience (3-5 years) in software engineering with focus on vulnerability management, risk assessment, and remediation.
• In-depth knowledge of common vulnerabilities and exposure (CVE) databases, vulnerability scanning tools, and penetration testing methodologies.
• Familiarity with security frameworks and standards such as ISO 27001, NIST, or CIS.
• Strong scripting skills (Python, PowerShell, etc.) for automation of vulnerability management processes.
• Excellent communication and collaboration skills to work effectively with cross-functional teams.
• Keen attention to detail to identify problems and processes that don’t comply with protocol.
• Critical/logical thinking to identify problems and provide solutions to ensure cybersecurity solutions move us towards an efficient, cybersecure self-driving truck.

Bonus Points! 

• Familiarity with AWS Cloud technology

Perks of Being a Full-time Torc’r

Torc cares about our team members and we strive to provide benefits and resources to support their health, work/life balance, and future. Our culture is collaborative, energetic, and team focused. Torc offers:  

• A competitive compensation package that includes a bonus component and stock options
• 100% paid medical, dental, and vision premiums for full-time employees  
• 401K plan with a 6% employer match
• Flexibility in schedule and generous paid vacation (available immediately after start date)
• Company-wide holiday office closures
• AD+D and Life Insurance 

At Torc, we’re committed to building a diverse and inclusive workplace. We celebrate the uniqueness of our Torc’rs and do not discriminate based on race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, veteran status, or disabilities.
Even if you don’t meet 100% of the qualifications listed for this opportunity, we encourage you to apply.

Our compensation reflects the cost of labor across several geographic markets. Pay is based on a number of factors and may vary depending on job-related knowledge, skills, and experience. Torc's total compensation package will also include our corporate bonus and stock option plan. Dependent on the position offered, sign-on payments, relocation, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. 

Job ID: 102372