Job Post

Senior Security Engineer

Everbridge
25 Corporate Dr., 4th Fl
Burlington, MA 01803

Description

About the Position:

As our Senior Security Engineer you will be front and center with solving our most complex security challenges. As a Software-as-a-Service platform, Everbridge utilizes a hybrid-cloud ecosystem to achieve worldwide scalability goals. We have data centers worldwide, and offices in 3 countries.

About the Team
As a member of the security engineering team, you will strive to take a pragmatic approach when proposing security solutions, implement security best practices, guide our architecture toward a security-first posture.

Job Duties:

  • Assess, design, implement, automate, and document security processes and solutions leveraging Amazon Web Service (AWS) and other third-party cloud solutions
  • Design architecture, methods, and controls required to meet security, compliance, and audit requirements
  • Proactively stay current with developments in relevant technologies
  • Create and share unique ways to solve challenges with others
  • Deploy security solutions in cloud environments
  • In-depth knowledge of VPCs, Security Groups, and ACLs
  • Monitor system logs, SIEM tools and network traffic for unusual or suspicious activity
  • Must have experience extracting pertinent security data from SIEM solutions and AWS audit, logs, and reports
  • Investigate and resolve security violations by providing postmortem analysis to illuminate the issue, and identify causes, possible solutions, and preventative measures
  • Develop procedures to automate security tasks during code builds and deployments
  • Develop program quality metrics as both program performance indicators and enterprise risk indicators
  • Respond to and, when appropriate, resolve or escalate security incidents
  • Report unresolved security exposures, misuse of resources, and noncompliance situations using defined escalation processes.
  • Assist and train team members in the use of cloud security tools and the resolution of security issues
  • Develop and maintain documentation for security systems and procedures
  • Collaborate with the Ops team to build infrastructure and servers on AWS

Qualifications:

  • Minimum 8 years of information security experience with 2 years Cloud Security  focus
  • Solid understanding of Amazon Web Services (AWS) including VPC, ELB, IAM, KMS, EC2, Config, CloudTrail, CloudFormation, Lambda, and others
  • Knowledge of network based, system level, and application layer attacks and mitigation methods
  • Knowledge of technical security control environments and compliance frameworks including CSA CCM, ISO 27017, FedRAMP
  • Experience in DevOps environments and maintaining security in CI/CD processes
  • Experience with the development, deployment, and automation of security solutions in an enterprise cloud based environment
  • Experience with a broad range of security technologies including, SAST, DLP, IDS/IPS, IAM, Certificate Management, etc
  • Experience working with container technologies
  • Knowledge of AWS automation strategies and tools
  • Strong knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security
  • Ability to clearly and effectively communicate concerns, issues to other teams
  • Experience in developing, documenting, and maintaining security procedures
  • Proficient in AWS CLI, Bash, and Python
  •  Certified Information Systems Security Professional (CISSP) preferred
  • Certified Information Systems Auditor (CISA), SANS GIAC, CompTIA Security+, CompTIA CASP, Certified Ethical Hacker (CEH), Certified Information Systems Auditor (CISA) certifications strongly desirable.
  • Working knowledge of Nmap, Nessus, Kali Linux, Wireshark, Metasploit Framework, and other security related tools.
  • Demonstrated experience in conducting security audits and assessments.
  • Demonstrated experience in investigating security issues related to Internet, server, desktop, laptop, tablet and other mobile device security issues; OS patching, hardening and anti-virus.
  • Understanding of data network configuration and infrastructure concepts, including TCP/IP, routers, internet/intranet/extranet, firewalls, web servers and security hierarchy including the application of encryption key infrastructures and authentication processes.
  • The ability to communicate effectively, both verbally and in writing, with individuals and groups.
  • Experience in full project life cycle and application development desired.
  • Strong written and verbal communication skills.
  • US Citizen
Category: Software Engineering/QA
Full-time

See What It's Like To Work Here

Hello, we're Everbridge

Our Critical Event Management solutions are used by over 4,000 organizations to keep people safe and avoid and/or lessen disruption to operations when such events as severe weather, workplace violence, active shooters, terrorism, IT and power outages, environmental spills, brand attacks on social media, product recalls, and medical emergencies

Everbridge was founded in 2002 in the aftermath of the tragic events of 9/11 with the mission of helping to keep people safe amid critical situations. 

Our Critical Event Management platform helps manage critical events for 4,500+ customers globally, reaching more than 500 million people in over 200 countries and territories

Get unlimited job listings with a BIZZpage