Security Engineer, Cloud Infrastructure
- We’re largely in AWS, but leverage other cloud service providers
- Cloud services for: virtual machines, containers, container orchestration, serverless compute, data pipelines, file storage, transactional databases, data warehouses, source control repositories, credential management, and threat detection
- Kubernetes, Terraform, GitHub Actions
What you will be doing:
- Defining technical security requirements for all aspects of our production cloud infrastructure (AWS). Experience with AWS security is highly desirable.
- Determine use-cases and write playbooks based on alerts using DataDog or similar tools.
- Fine tune SIEM alerts (reduce false positives) and build a detect-alert-response system for the cloud native infrastructure.
- Proactively implementing necessary precautions for upcoming threats and actively exploited attacks.
- Coordinating security implementation work with our Cloud Infrastructure Team and other members of our Security Department.
- Building tooling that improves our efficiency and efficacy and allows us to move fast in a secure manner.
- Assisting with security investigations and response processes.
- Assisting with and advising on other aspects of the Information Security Program, including data protections, access control procedures, producing evidence for audits, security awareness training, BC/DR coordination, security policy management, vendor risk management, and enterprise risk management
What you should bring:
- 6-8 years of relevant experience.
- Strong communication skills.
- Experience in public cloud and SaaS-heavy environments, especially AWS, Kubernetes, GitHub, and financial payment tools.
- The ability to handle multiple security frameworks simultaneously.
- The willingness to roll up your sleeves and build processes and solutions.
- Outside of the box and innovating thinking.
- A thirst for continuously educating yourself and your peers.
- A humble and collaborative attitude.
- Effective prioritization and time management skills.