Security Production Engineer
- Job Location(s): US-Remote
- Job ID: 2019-2067
- # of Openings: 1
- Category: Engineering
Reporting to the Vice President of Product Engineering, the Security Production Engineer is responsible for playing a critical role in effectively building, maintaining and improving the security of our systems, platform, and infrastructure deployed in AWS and in On Premise security appliances. This role has the opportunity to influence and design current strategies and procedures for securing our environments. You will directly influence the application configuration, deployment process of our application and create tools to improve our processes, monitoring and application infrastructure to implement a SecDevOps approach that is integrated into the deployment pipelines, continuous, and low-friction where security cannot be a blocker.
This is a full-time position working for Cofense, Inc. Outsourced or software development contractors will not be considered
- Develop and deploy tools and processes that for securely managing environments used by Cofense Simulator, Triage, and other SaaS and Managed Service offerings.
- Work with other security-focused engineers, production engineers, and software engineers to manage traditional systems and network security tools such as web application firewalls, DDoS service, HIDS while working to integrate security into dynamic cloud environments that leverage AWS services and Docker.
- Work across multiple production engineering and development teams to establish, enforce, and socialize security practices and procedures in the building of environments and deployment of code
- Implement, configure, and manage security tooling for hosts and applications and cloud services
- Perform vulnerability identification and remediation including patch management for systems and networks
- Objectively assess risks based on business critical of system and data assets
- Manage and monitor AWS account security including best practices, security groups, user access
- Manage and configure of security tooling such as web application firewall, HIDS, VPNs.
- Manage of user access, roles, and permissions to critical services
- Harden systems and cloud infrastructure according to industry best practices such as CIS
- Implement security controls to address compliance requirements such as SOC2, ISO, HIPPA, and GDPR.
- Cross-team work with the various product offerings within Cofense
- Provide support to Sales Engineering in developing responses to RFP/RFQs
- Other duties as assigned
The above statements are not an all-inclusive list of the duties and responsibilities of the position described, nor are they intended to be a listing of all of the skills or abilities required to do the job. Rather, they are intended only to describe the general nature of the job. This job description is not a contract of employment, either express or implied. Employment with COFENSE will be voluntarily entered into and your employment is considered at will. COFENSE reserves the right to alter the job description at any time without notice.
Knowledge, Skills and Abilities Required
- Solid knowledge of Enterprise security fundamentals and how they must to be adapted DevOps/Cloud Environments
- Ability to analyze security event and vulnerability findings from disparate sources (network, application, operating system, etc.) using a variety of manual and automated tools and processes
- Comfortable with a fast-moving development pace where security cannot be a blocker
- Knowledge of AWS Cloud Infrastructure (EC2, VPC, ELB, RDS) and security technology (security groups, CloudTrail, VPC Flow Logs, CloudWatch)
- Familiarity with automated configuration management such as Puppet, Chef, or Ansible
- Strong Linux (CentOS/Ubuntu) background with experience working in large AWS deployments
- A strong interest in the field of information security principles
- Docker CLI familiarity and knowledge of repositories and container management preferred
- Familiarity with Jenkins, Git, Artifactory preferred
Education and/or Experience:
- Past experience working as part of distributed, remote-first team preferred
- Experience managing and building virtual appliances preferred
- Python or Ruby development background preferred
- Experience automating tasks in AWS using CloudFormation or Terraform preferred
- Experience automating AWS tasks with Lambda Functions preferred
- Experience Non-AWS Cloud providers such Azure or GCE preferred
- Experience with Signal Sciences, JumpCloud, Jenkins, OSSEC HIDS and Zscaler preferred
- Full-time Telecommute (The United States only)