Security Engineer

Remote /
Lincoln Spin Out – Engineering /
Full-Time
Work with multi-disciplinary, high-performance, teams to build and maintain a variety of CloudSecOps and DevSecOps practices, processes and tooling for a fast growing suite of digital products. You will perform technical security assessments and support customers, security engineers and software developers by designing, integrating, automating, and managing security systems engineering and security-as-a-service. Success will include ensuring excellent user experiences by delivering on security, reliability and scalability targets and profiles with operational excellence, an adversarial mind-set, and secure design principles.

Responsibilities

    • Infrastructure Security: Improve existing infrastructure through advanced security practices and secure configuration automation, including autoremediation. Experience with cloud security tooling, cloud pen testing, obfuscation techniques, container security, and advanced networking skills are a plus.
    • Release Process: Secure, implement and manage software, infrastructure and detection pipeline security tooling, threat modeling and incident management.
    • Logging Automation: Ensure code security quality and vulnerability management during a rapid development process by using a broad suite of security testing, vuln management, WAF, SEIM and SDR tools supporting web frontend, API, infrastructure and honeynets deployment.
    • Automation: Strategize best ways for engineering continuous secure deployment for dynamically growing platform utilizing multiple public provider environments, e.g. using Infrastructure as Code, Policy as Code, Secrets Mgmt. & related tooling and frameworks.
    • Team Collaboration: Work closely with customers, security, QA, development and infrastructure teams to address their concerns and security requirements for development, build and deployment process security testing.

Requirements

    • 5+ years of hands-on experience in agile security engineering or equivalent.
    • 5+ years of experience in security of, and security with, CI/CD platforms. Expert understanding of Pen Testing, AppSec, Cloud Security, Network Security & IR. 
    • 5+ years of hands-on experience in securing, monitoring, and managing distributed systems on CSPs like Linode, AWS, GCP, or Azure. 
    • Proficient coding experience in Python, Go, C++, and/or Rust. 
    • Startup experience is a plus.
    • Education: BA, BS or MS in Computer Science/Information Systems/Business or equivalent experience required.