This position reports to the Software Engineering Team Lead (DevOps). Security Engineers are responsible for securing building and operating security controls, and building out a security platform. The security engineers work closely with the platform and development teams to build a strong defence, as well as enable and support a culture of DevSecOps in the development teams.
Your daily work will involve:
– Architecting and implementing technical solutions to support defensive security
– Mentoring and coaching security within the organization
– Deploying, operating, and monitoring SIEM, IPS/IDS
– Responding to Security Incidents
– Expanding security auditing and monitoring capabilities
– Developing custom applications to monitor red flag situations
– Working with DevOps to secure the platform, hardening servers, networks, Kubernetes
– Working with Application teams to secure code, consulting on implementations
– Working with Infrastructure to secure the physical environments (office networks, etc)
– Hardening servers, and building security into the platform
– Developing automation so we can focus on the hard problems
– Developing glue code to extend or integrate systems
To achieve this, we’re looking for someone that:
– Is passionate about technology and security
– Is curious, always learning, and keeping up to date with the industry
– Is a team player, an active listener, mentor, and able to communicate well
– Shows solid reasoning and decision making, with the ability to work under pressure
– Has either a degree in computer science, or industry experience
– Has experience with defensive systems (SIEM, IDS/IPS, Canaries, Fail2Ban, etc)
– Has a solid understanding of Networking (TCP, UDP, IP, nmap, wireshark, etc)
– Has experience with Linux administration (Processes, Networking, Disks, Security)
– Has experience with a configuration management system (Puppet, Chef, Ansible)
Top candidates will be strong in the above, but also bring some of the following to the table:
– Can write code (we use Python)
– Experience with Kafka, Apache Beam, Apache Metron, Apache Spark
– Experience with Google Cloud, or another cloud provider
– Experience with Kubernetes, Docker (or containers in general)
– Experience with Build Systems (Jenkins, Gitlab, Spinnaker)