HiringCafe
Posted 1w ago

Information Security Engineer

@ Ovative Group
View All Jobs
Minneapolis, Minnesota, United States
$75k-$93k/yrOnsiteFull Time
Responsibilities:Monitor tooling, Analyze logs, Respond incidents
Requirements Summary:2+ years in security operations or SOC; degree or 3+ years equivalent experience; experience with vulnerability management, cloud security (GCP/Azure), IAM, scripting; DevSecOps tools.
Technical Tools Mentioned:GCP, Azure, IAM, Python, Shell scripting, Terraform, Ansible, Puppet, CSPM, SIEM, Kubernetes, Docker, DevSecOps tools
Save
Mark Applied
Hide Job
Report & Hide
Job Description

About Ovative Group:

Ovative Group is an independent, full-funnel media, measurement, and creative firm. Leveraging our deep industry expertise, we help brands like Best Buy, Domino's, American Eagle, The Home Depot, Post, Disney, Tumi, Michael Kors, Boost Mobile, and UnitedHealth Group transform their media and measurement programs. The result? Profitable growth that speaks for itself.

 

At Ovative, we don't just track data, we redefine success. How do we do it? Our proprietary MarTech platform, EMRge helps businesses transform marketing into a driver of sustainable growth. Powered by Enterprise Marketing Return (EMR), our differentiated approach to holistic media buying, planning, and measurement, EMRge is the first MarTech platform to measure businesses holistically. We're all about raising the bar every day, and it shows. Our work has been recognized by organizations like Digiday, Google, Inc. 5000, USA Today, and Search Engine Land.

Responsibilities:

Security Operations and Incident Response 

  • Monitor security tooling and alerts across endpoint, cloud, and network environments; triage and escalate as appropriate 

  • Perform log analysis and investigation to identify and scope the impact of security incidents 

  • Support incident response and business continuity plan execution, including tabletop exercises and post-incident reviews 

  • Support managed detection and response (MDR) partner relationships and act on partner recommendations 

  • Participate in root cause analyses for security findings; identify contributing factors and implement permanent fixes 

AI Security 

  • Support the growth and innovation driven by gen AI technologies across the business 

  • Participate in testing and reviewing new AI vendors and tools 

  • Research AI security approaches like MCP servers, agent policy/proxy server, etc. and recommend AI security tooling and security design 

  • Provide support and training for security hygiene in using AI tools, agents, frameworks like spec kit, OWASP Gen AI Security, etc. 

Threat and Vulnerability Management 

  • Monitor threat info feeds to monitor and understand the current threat landscape and inform the team to act on 

  • Operate and monitor vulnerability scanning tools; track and remediate or document exceptions 

  • Prioritize remediation efforts based on risk scoring and asset criticality 

  • Coordinate with engineering and IT teams to ensure timely patching and hardening of cloud and endpoint systems 

  • Support penetration testing engagements: coordinate logistics, track findings, and drive remediation to closure 

Security Tooling & Automation 

  • Administer and tune security tools including SIEM, vulnerability scanners, EDR, and cloud security posture management (CSPM) platforms 

  • Build and maintain automation and scripts (Python, Bash, or similar) to streamline security operations and reduce manual toil 

  • Evaluate and recommend new security tools in partnership with the Head of Information Security 

Skills and Qualifications 

  • Two-year or four-year degree in computer science, information security, technology, or related field; or 3+ years of equivalent experience 

  • 2+ years of experience in a security operations, site reliability engineering, or other relevant  role 

  • Experience with vulnerability management tools and remediation workflows 

  • Working knowledge of GCP and/or Azure security services and configurations 

  • Familiarity with IAM, secrets management, and network security concepts in cloud environments 

  • Proficiency in shell scripting and Python, TypeScript, Go, or similar programming languages 

  • Experience with modern DevSecOps practices and technologies (Github, Jira, Confluence) 

  • Experience operating across cloud-native security and enterprise productivity environments (GCP, Azure, M365) 

  • Strong analytical and problem-solving skills; high attention to detail 

  • Ability to communicate and champion security concepts and practices clearly to developers, data engineers, data scientists, and technical and non-technical engineering leadership 

Preferred Qualifications 

  • Security certifications (CCSP, CEH, GSEC, GCIH, etc.) 

  • Experience with IaC tools such as Terraform, Ansible, or Puppet 

  • Hands-on experience with CSPM (Wiz, Lacework, etc.) and SIEM platforms 

  • Experience with containerization technologies (Kubernetes, Docker) 

  • Familiarity with DevSecOps practices and software development lifecycle 

  • Experience securing personal information or other regulated data 

  • Exposure to security administration of BigQuery, Databricks, or similar data platforms 

Pay Transparency 

At Ovative, we offer a transparent view into three core components of your total compensation package: Base Salary, Annual Bonus, and Benefits. The salary range for this position below is inclusive of an annual bonus.Actual offers are made with consideration for relevant experience and anticipated impact. Additional benefits information is provided below. 

For our Sr. Analyst positions, our compensation ranges from $75,000 to $93,000, which is inclusive of a 15% bonus. 

Benefits of Working at Ovative Group: 

We provide strong, competitive, holistic benefits that understand the importance of your life inside and out of work.  

Culture:  

Culture matters and we’ve been recognized as a Top Workplace for ten years running because of it. We demand trust and transparency from each other. We believe in doing the hard and complicated work others put off. We’re open in communication and floor plan. We’re flat – our interns sit next to VPs, our analysts work closely with senior leaders, and our CEO interacts with every single person daily. Put together, these elements help foster an environment where smart people can support each other in performing to their highest potential.  

Ovative is committed to fostering an inclusive environment where everyone can participate and thrive. We do not tolerate discrimination of any kind, including on the basis of race, sexual orientation, gender identity, or gender expression. Our policies reflect this commitment—for example, our medical leave benefits are inclusive of same-sex partners, ensuring equitable care and support for all families. 

Compensation and Insurance:  

We strive to hire and retain the best talent. Paying fair, competitive compensation, with a large bonus incentive, and phenomenal health insurance is an important part of this mix.  

We’re rewarded fairly and when the company performs well, we all benefit.  

  

Tangible amenities we enjoy:  

  • Access to all office spaces in MSP, NYC, and CHI  

  • Frequent, paid travel to our Minneapolis headquarters for company events, team events, and in-person collaboration with teams

  • Generous paid vacation policy  

  • 401k match program  

  • Top-notch health insurance options, inclusive of same sex partners 

  • Family formation benefits including reimbursement options for fertility, pregnancy, and parenting needs 

  • Monthly stipend for your mobile phone and data plan  

  • Sabbatical program  

  • Charitable giving via our time and a financial match program  

  • Shenanigan’s Day  

  

Working at Ovative won’t be easy, but if you like getting your hands dirty, driving results, and being surrounded by the best talent, it’ll be the most rewarding job you’ll ever have. If you think you can make us better, we want to hear from you!