Office Tour Photos
It's fun to work in a company where people truly BELIEVE in what they're doing!
We're committed to bringing passion and customer focus to the business.
We are currently hiring an influential and creative Staff Information Security Engineer interested in joining our Global Information Security team – creating systems that make it easy to efficiently manage security compliance, event prevention, detection, and response in our large-scale corporate, development, and production environments. Working in collaboration with other members of the Operations, Engineering, Compliance, and Security teams you will be the technical lead for a small, nimble security engineering team that is building and maintaining the fundamental tooling and automation that empowers our Information Security Engineers, Application Engineers, and Compliance Analysts to improve productivity and security posture across our corporate and production systems.
Technologies you may work with include:
- Perl, Python, Ruby, bash, Powershell, etc.
- Operating systems (Windows, Linux)
- Endpoint detection and response (e.g. GRR, squery, sysmon, Tripwire, or similar)
- Network Intrusion Detection Systems (Suricata, Security Onion, Snort, or similar)
- Vulnerability Management Systems (Tenable Security Center, Tenable.io, Qualys, Rapid7, or similar)
- Log collection and normalization (e.g. Splunk, ELK, or simialr)
- Security Incident and Event Management (Splunk ES, ThreatStack, or similar)
- Configuration & runbook management (e.g. Puppet, Ansible, Rundeck, CloudFormation)
- Public cloud/PaaS (e.g. AWS, Azure, GCC)
- Private cloud (OpenStack or similar)
- Continuous integration / continuous deployment (CI/CD)
- Databases and related technology (MySQL/MariaDB, nosql, RDS)
- Virtualization and Containers (VMware, Docker, Kubernetes, or similar)
- Provide technical leadership and direction for a small, nimble security engineering team
- Independently assess and organize day to day activities of the team across several competing projects and priorities established by management
- Communication and coordination with Information & Application Security Engineers, Complaince Analsyts, Development, and other Operations Tools teams
- Provide continuous monitoring, maintenance, and support of new and existing security tool systems and infrastructure to ensure resilience, reliability, and scalability.
- Identify existing technology and processes that would be good candidates for automation, security monitoring, reporting or tooling optimization
- Recommend, design, build, and deploy new tools and platforms that automate, streamline and scale our security operations efforts
- Build reusable libraries and tools for common application security functions
- Develop custom security monitoring/reporting automation
- Analyze, scope, and document new tool requirements in accordance with standards
What you bring to the team
- Security operations background that supports your understanding of security-specific tool needs (e.g. detection, forensics, log normalization, privilege separation, etc.)
- Demonstrated success automating and optimizing security tools and infrastructure in a complex large-scale computing environment
- Experienced utilizing packet capture tools and analysis of packet data
- Experienced with a majority of the technologies listed above or equivalents
- Effective and efficient programming skills; a fundamental understanding of what makes maintainable, extensible, and scalable code
- Comfortable working with existing code, open source tools, APIs, and driving for improvement whenever possible
- Excellent organizational skills and technical leadership skills, including the ability to independently set team priorities and drive projects to completion
- Excellent verbal and written communication skills including a focus on providing continuous, proactive communications to management, peers, and stakeholders while working on projects
- BS in Computer Science or relevant work
- Coding and/or scripting experience is required
More Jobs From