Senior Security Engineer

Senior Security Engineer

Vacancy expired!

100% Remote

This Jobot Job is hosted by: Sarah Murphy
Are you a fit? Easy Apply now by clicking the "Apply Now" button and sending us your resume.
Salary: $140,000 - $165,000 per year

A bit about us:

We offer the most-trusted app building platform for anyone looking for a better way to work. We give businesspeople and IT experts the ability to easily build and integrate apps to track, manage, and automate processes in days, not weeks. Our customers make lasting and substantial improvements to their business using our bulletproof cloud-based technology and they love getting the industry's best customer experience every step of the way.

We are looking for an experienced Sr. Security Engineer to supplement our InfoSec team as we continue to automate and improve our security program.

The Sr. Security Engineer leads integration and automation efforts across the security program. This role will have significant input to our security orchestration and automated response (SOAR) capabilities. The position is highly collaborative and requires excellent communication, project management, and teamwork.

Why join us?

• We cover 100% medical, dental, and vision benefits
• We understand you have a life outside of work and have an unlimited, flexible time-off policy
• We provide competitive paid parental leave for all new parents after 6 months
• We made Built in Colorado's 2020 Best Small Companies to Work For list and received an Honorable Mention for Outside Magazine's 2020 Best Places to Work
• You will have the opportunity to challenge yourself and have a high degree of responsibility and impact
• Your daily tasks will change often and give you many opportunities to grow your professional and technical skillset and advance your career

Job Details

Responsibilities
Security Engineering:
o Serve as lead technical resource for assigned security tools and services.
o Lead detection engineering efforts.
o Lead engineer for SOAR strategy and implementation.
o Participate in security event investigation and/or incident response.
o Support security metrics through automated testing of security controls.
o Contribute to information security planning, e.g., strategy, architecture, standards.
o Support compliance efforts by producing artifacts from security tools and services.
o Contribute to the professional development of Security Analysts and Security Engineers.
Partnership:
o Collaborate with Operations on cloud environment and customer data security.
o Collaborate with IT on corporate network, endpoint, and corporate data security.
o Collaborate with HR to create a culture of security awareness.
Continuous Education:
o Maintain awareness and knowledge of emerging security threats and vulnerabilities.
o Maintain awareness and knowledge of AWS services and cloud security best practices.
o Maintain awareness and knowledge of major information security frameworks/guidance, e.g., CSA Controls Matrix, NIST CSF, FedRAMP.

Requirements

An attitude of Problems are opportunities! and Manual work is tech debt!
o A passion for process improvement, efficiency, and automation.
Strong integration and automation skills via REST APIs and microservices.
o 3 - 5 years of development and/or automation experience, preferably with Python.
o Experience with open-source or commercial integration platforms. Experience with Workato is a plus.
o Experience with CI/CD pipelines and version control. Experience with GitLab is a plus.
Strong networking and Linux security skills.
Experience with open-source or commercial SIEM, IDS/IPS, and vulnerability scanning solutions.
Experience with open-source or commercial Security Orchestration and Incident Response (SOAR) solutions.
Experience working in AWS environments. AWS sysadmin experience a plus.
Excellent critical thinking and problem-solving skills. You can contribute to spirited, yet professional, debate.
Self-managed. Excellent planning, and time management skills.
Experience working within Agile and Kanban frameworks.

o Relevant security certifications, e.g., CISM, CASP+, CISSP, GSEC.
A strong interest in information security as a career field and related continuous education.
U.S citizenship is required. Sponsorship is not available.

Differentiators

Experience as a DevOps engineer.
Experience with Docker and Kubernetes.
Experience with security compliance audits, e.g., SOC2, HIPAA, FISMA, FedRAMP.
PMI Citizen Developer Foundations or higher Certification.
Experience with Low/No-Code solutions

Interested in hearing more? Easy Apply now by clicking the "Apply Now" button.