ENVIRONMENT:
My client, a leading online retailer requires a Software Security Engineering Team Lead.
DUTIES:
- Managing, mentoring, and coaching members of the team
- Executing on projects, delivering on commitments
- Running and coordinating Red Team scenarios
- Architecting and implementing technical solutions to support defensive security
- Mentoring and coaching security within the organization
- Deploying, operating, and monitoring SIEM, IPS/IDS
- Responding to Security Incidents
- Expanding security auditing and monitoring capabilities
- Developing custom applications to monitor red flag situations
- Working with DevOps to secure the platform, hardening servers, networks, Kubernetes
- Working with Application teams to secure code, consulting on implementations
- Working with Infrastructure to secure the physical environments (office networks, etc)
- Hardening servers, and building security into the platform
- Developing automation so we can focus on the hard problems
- Developing glue code to extend or integrate systems
REQUIREMENTS:
- Works well with people, and is passionate about helping people be their best
- Is a team player, an active listener, mentor, and able to communicate well
- Shows solid reasoning and decision making, with the ability to work under pressure
- Is passionate about technology and security
- Is curious, always learning, and keeping up to date with the industry
- Has either a Degree in Computer Science, or Industry experience
- Has experience in ethical hacking
- Has experience with defensive systems (SIEM, IDS/IPS, Canaries, Fail2Ban, etc)
- Has a solid understanding of Networking (TCP, UDP, IP, nmap, wireshark, etc)
- Has experience with Linux administration (Processes, Networking, Disks, Security)
- Has experience with a configuration management system (Puppet, Chef, Ansible)
Top candidates will be strong in the above, but also bring some of the following to the table:
- Can write code (we use Python)
- Experience with Kafka, Apache Beam, Apache Metron, Apache Spark
- Experience with Google Cloud, or another cloud provider
- Experience with Kubernetes, Docker (or containers in general)
- Experience with Build Systems (Jenkins, Gitlab, Spinnaker)
- Experience with security frameworks such as NIST
