The Security Engineer position will execute strategic processes and implement technical solutions to enable our information security program and address day-to-day security challenges amidst the industrys evolving technology landscape.
Primary Responsibilities
-
Build and implement new security controls, processes and tools.
-
Identify organizational risks to confidentiality, integrity, and availability, and determine appropriate mitigations.
-
Leverage native Azure, GCP, and AWS cloud services to automate and improve existing security and control activities.
-
Develop or implement open-source/third-party tools to assist in detection, prevention and analysis of security threats.
-
Perform technical security assessments against product and enterprise cloud hosted, virtual, and on-premise systems including static and dynamic analysis, and threat modeling.
-
Review and test changes to services, applications, and networks for potential security impacts.
-
Collaborate with Architecture, Site Reliability Engineering and Operations teams to develop and implement technical solutions and security standards.
-
Stay abreast on security best practices and secure design principles.
-
Review changes to and ongoing operations of enterpise environments and supporting systems for security and compliance impacts.
-
Assist in incident detection and response efforts.
-
Implement zero-trust patterns with cloud agnostic tools to support enterprise business units.
-
Implement, design, develop, administer, and manage enterprise security tooling.
Knowledge, Skills and Abilities
-
Experience working with high-availability enterprise production environments
-
Familiarity with scripting languages (e.g., (Go, Python, Ruby, Rust,etc.). and building scripts for process improvements
-
Experience automating security testing and reporting outputs
-
Technical knowledge and hands-on experience with security and networking security, basic networking protocols, cloud security, network security design, intrusion prevention/detection, and firewall architecture
-
Experience assessing and implementing technical security controls
-
Willingness to innovate and learn new technologies
-
Excellent interpersonal and relationship skills with a collaborative mindset
-
Knowledge or familiarity with technological stack (Big-IP, Azure, AWS, GCP, CentOS, Hashicorp Vault, Palo Alto, Qualys).
-
Experience with network and application vulnerability and penetration testing tools.
-
Baseline competency in administration of Microsoft Azure Cloud, Amazon Web Services (AWS), Google Cloud Platform (GCP) or equivalent public cloud infrastructure.
-
Exposure to DevOps tooling, CI/CD pipelines, container orchestration, and infrastructure as code approach (e.g. Puppet, Chef, Ansible, Terraform, Jenkins, CircleCI, Artifactory, Git)
-
Strong written and verbal communication skills.
-
Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance and professionalism.
-
Agile, tactful, and proactive attitude that can manage prioritization and know when to escalate.
Qualifications
-
B.S. or M.S. in Computer Science, Engineering, or related field, or equivalent experience.
-
3+ years of relevant security and networking experience
