Senior Cloud Security Engineer

San Francisco (or US Remote) /
Security /
Full-time
Build the world's fastest Identity and Checkout products

Company Mission

Our mission is to make buying online faster, safer and easier for everyone. Fast Login and Fast Checkout enable a one-click sign-in and purchasing experience that makes it easier for people to buy and merchants to sell. The company’s products work on any browser, device or platform to deliver a consistent, stress-free purchasing experience. Fast is entirely consumer-focused and invests heavily in its users’ privacy and data security. Headquartered in San Francisco with Fast Flex for global employment, we are a privately held company funded by Stripe, Index Ventures, Susa Ventures and other renowned investors.

Summary

We are looking for a hands-on individual with a white hat hacker mindset to join us in a Senior Cloud Security Engineer role. You will be responsible for architecting, developing and deploying security tools and technologies to protect the Fast platform and backend infrastructure. You will get exposure and contribute to the broader systems and cloud infrastructure initiatives here at Fast too.

Role

-Ensure that our production platform in AWS has been hardened as per industry standards e.g. CIS benchmarks
-Ensure all AWS security best practices have been implemented in the production platform
-Own the vulnerability assessment and patch triage process to support ongoing vulnerability and patch management at Fast and provide recommendations for identified vulnerabilities
-Review security alerts and reports on a daily basis and work closely with the Infrastructure team in any follow up investigation or remediation
-Tune the logging infrastructure on an ongoing basis to surface true positives
-Perform vulnerability assessments of the Fast production infrastructure Identify all vulnerabilities originating from third party dependencies and ensuring timely remediation
-Review the current and upcoming infrastructure stack from a security perspective and provide recommendations
-Deploy and own Security Incident and Event Management (SIEM) solution at Fast
-Automate security controls using scripting to the extent that it requires minimal human interaction

Requirements

-Bachelors in Computer Science or related field
-4+ years in a Infrastructure engineering or DevOps role
-Hands on experience with AWS Security best practices
-Experience with key management tools like KMS, Hashicorp Vault
-Experience in using scripting languages e.g. Python, Perl, PHP, Ruby to automate tasks and manipulate data
-Comfortable with vulnerability scanning tools like Qualys, Nessus etc.
-Experience with SIEM tools like Splunk, Sumo Logic, Lacework etc.
-Experience with automation tools like Ansible, Chef, Puppet, Jenkins desired but not a must have
-Experience with container security and container orchestration tools e.g. Kubernetes desired but not required
-Experience with Web Application Firewalls (WAF) desired

*no recruiters please*

Benefits of life @ Fast

*Fast Flex allows all of our employees to choose where they want to work: our office (when open), their home
or any place else in the world.
*Help eliminate passwords and expand e-commerce worldwide
*Innovative engineering and product culture
*Early stage well-funded company
*Inclusion and diversity as a company priority 
*Founders-led company
*Competitive compensation packages 
*Comprehensive benefits (including 99% of healthcare cost and 401k matching)
*Additional benefits include home office reimbursements and snack deliveries