What You’ll Do:

• Collaborate on the security strategy governing cloud-based platform infrastructure, PaaS/SaaS solutions, and internal applications and tooling.
• Collaborate with other infrastructure, DevOps, InfoSec/application engineers, and compliance to understand the product, technology and business needs.
• Engage our managed Security Operations Center team to improve queries, detection, playbooks, etc.
• Define and own guidance, alerts and security as code deployments to provide protection from malicious traffic, vulnerabilities and other attack vectors.
• Oversee building and maintaining an AWS cloud infrastructure architecture aligning security, compliance, performance and resilience.
• Architect security over PaaS/SaaS environments and ensure they are being properly monitored and configured.
• Build and maintain monitoring, auditing, and reporting frameworks that produce artifacts that support security and compliance needs.
• Build security utilities and tools for internal use that enable the DevSecOps team to operate at high speed and wide scale.
• Create and maintain documentation for security systems.
• Participate in an on-call rotation for 24x7 support of security operations.

What We Look For:

• At least 5+ years of relevant experience in a modern security environment.
• Experience with cloud-based security management/IDS/IPS/SIEM tools (WAF, Inspector, GuardDuty, Twistlock, Splunk, Dome9, AlienVault, AlertLogic, Fortinet, Threat Stack, Sumologic, Imperva etc).
• Experience parsing security data from SIEM solutions, audit logs.
• Experience developing use cases for identifying potential threats from log sources.
• Understanding of security best practices for client-server product architectures for cloud-based deployments.
• In-depth knowledge of AWS services and hands-on experience.
• Experience in DevOps environments and deploying using CI/CD processes.
• Experience developing infrastructure as code (Terraform, Ansible).
• Knowledge of network based, system level, and application layer attacks and mitigation methods.
• Strong programming/scripting knowledge - Go, Python, Bash, etc.

Nice to Have:

• Experience with Kubernetes and containerized applications.
• Experience in OOP, TDD, design patterns, data structures and software security.
• Experience in performing security vulnerability assessments,
• Familiarity with PCI, SOC2 and SOX.
• Knowledge of SSO methodologies (SAML, OIDC).
• Experience with Sumologic and its SIEM service
• Experience designing processes around DevSecOps tools.
• Experience with other IaaS platforms (GCP, Azure, etc.).
• One or more recognized security and cloud specific certifications (e.g. CCSP, SSCP, CISSP, CCSK, GWAP, AWS Solutions Architect).

What We Offer You:

• Competitive salary and stock option plan
• 100% paid coverage of medical, dental and vision insurance
• Flexible PTO
• Opportunities for professional growth and development
• Paid parental leave
• Health & wellness initiatives

#LI-Remote #BI-Remote