Senior Security Engineer
Location: Mill Valley - CA, San Francisco, CA or Chicago, IL
Technology focus: AWS, Security, Python, Unix
Job type: Permanent
There is an immediate requirement for a seasoned and talented Sr. Security Engineer who has hands on exposure working within an AWS environment from a security and architectural perspective and someone who can lock down their corporate assets and network. My client are industry-leading, with more than 40M members and thousands of business customers, with their overriding mission to help anyone anywhere. This is an opportunity to have real ownership and a license to champion best practices, drive change and determine future policy and architecture.
* Design, deploy, manage and improve critical security infrastructure services/tools for authentication and authorization, PKI, secrets management, logging, detection, vulnerability management and more
* Partner with teams on technology initiatives to improve security and bring standard methodologies to our products and services
* Analyze the latest attacker techniques and develop approaches to detect them across the company's diverse environments and endpoints.
* Define, implement, and tune detective capabilities and data sources to detect and remediate malicious activity
* Work with engineering and operations teams to implement threat detection signals, deploy new tooling, and improve response capabilities.
* Analyze security data and report on threats and incidents across various platforms and environments.
* Mentor team members, junior and senior, in state-of-the-art incident response practices
* Research and design ways to achieve risk reduction objectives in creative ways, including expanding our current tool stack where appropriate
* Assist with security incidents that the company may face in alignment with our response processes
* Assess risk arising from third-parties, vendors and partners in our ecosystem and design controls to mitigate such risks
* Document security processes and standards.
* 6+ years of experience with security engineering in e-commerce, internet, or social networking settings
* BS/MS/PhD in Computer Science, Information Systems, Electrical Engineering, or the equivalent in experience and evidence of exceptional ability.
* Must Have: Hands-on expertise operating in an AWS environment with mastery of architecture and security capabilities in the cloud
* Mastery of multiple security domains such as intrusion detection, incident response, malware analysis, and forensics.
* Strong knowledge of UNIX operating systems
* Advanced programming abilities in Python or similar language
* Knowledge of web application security, browser security models, and application security vulnerabilities such as the OWASP Top Ten
* Deep understanding of network attacks, DDoS, Phishing, email protocols/security/spam, encryption, authentication, logging and log analysis, IP and device reputation, and security rules and policies
* Experience working with multiple stakeholders such as engineering/operations teams, internal business units, external incident response teams, and law enforcement throughout the incident life cycle.
* Strong verbal and written communication skills, solid team player, with demonstrated abilities in analysis and problem-solving
What you'll receive:
* A competitive salary & bonus scheme
* To work with like-minded and experienced professionals
* Generous PTO
* 401(k) Plan with a Company Match
* 100% company paid medical/dental/vision/life coverage; 80% dependent coverage
* Can work up to 3 days remote, 2 days onsite
* Long-term incentive plans, paid volunteering days, on site classes
* And much more!
If you are interested, or know anyone in your network who might be, I look forward to hearing from you. I can be contacted on +1 347-270-8872