Company offers the most-trusted app building platform for anyone looking for a better way to work. Company gives businesspeople and IT experts the ability to easily build and integrate apps to track, manage, and automate processes in days, not weeks. Our customers make lasting and substantial improvements to their business using Company’s low-code application development platform — and they love getting the industry’s best customer experience every step of the way. We are looking for an enthusiastic Security Engineer to supplement our InfoSec team as we continue to automate and improve our security program.
The Security Engineer combines proven integration and automation skills with a passion for security. This role will have significant input to our security orchestration and automated response (SOAR) capabilities. The position is highly collaborative and requires excellent communication, project management, and teamwork.
The Security Engineer reports to the Director, Information Security. The position is fully remote with occasional travel corporate HQ in Denver, Colorado. Responsibilities
Security Engineering:
Serve as lead technical resource for assigned security tools and services.
Lead efforts to automate cloud inventory processes.
Lead efforts to implement aspects of our SOAR strategy.
Participate in security event investigation and/or incident response.
Support security metrics through automated testing of security controls.
Contribute to information security planning, e.g., strategy, standards.
Support compliance efforts by producing artifacts from security tools and services.
Partnership:
Collaborate with Operations on cloud environment and customer data security.
Collaborate with IT on corporate network, endpoint, and corporate data security.
Collaborate with HR to create a culture of security awareness.
Continuous Education:
Maintain awareness and knowledge of emerging security threats and vulnerabilities.
Maintain awareness and knowledge of AWS services and cloud security best practices.
Maintain awareness and knowledge of major information security frameworks/guidance, e.g., CSA Controls Matrix, NIST CSF, FedRAMP.
Requirements
An attitude of “Problems are opportunities!” and “Manual work is tech debt!”
A passion for process improvement, efficiency, and automation.
Proven integration and automation skills via REST APIs and microservices.
1 - 3 years of development and/or automation experience, preferably with Python.
Familiarity with open-source or commercial integration platforms. Experience with Workato is a plus.
Familiarity with version control. Experience with GitLab is a plus.
Strong Linux skills.
Experience with open-source or commercial SIEM, IDS/IPS, and vulnerability scanning solutions.
Familiarity with security exploits, threats, and adversarial tactics, e.g., OWASP Top 10, MITRE ATT&CK.
Experience working in AWS environments.
Excellent critical thinking and problem-solving skills. You can contribute to spirited, yet professional, debate.
Self-managed. Excellent planning, and time management skills.
Experience working within Agile and Kanban frameworks.
Education:
Bachelor’s degree in Computer Science, Computer Information Systems, Information Assurance, or related.
A strong interest in information security as a career field and related continuous education.
U.S citizenship is required. Sponsorship is not available.
Differentiators
Experience with open-source or commercial security orchestration and automated response (SOAR) platforms.
Experience with security compliance audits, e.g., SOC2, HIPAA, FISMA, FedRAMP.
Experience as a DevOps engineer.
Experience with Docker and Kubernetes.
PMI Citizen Developer Foundations or higher Certification.
Experience with Low/No-Code solutions.
Salary & Benefits
The salary range for this position is [$]
We cover 100% medical, dental, and vision benefits
We understand you have a life outside of work and have an unlimited, flexible time-off policy
We provide competitive paid parental leave for all new parents after 6 months
We made Built in Colorado’s Best Small Companies to Work For list, Denver Business Journal’s Largest Denver-area Tech Employers list, and Outside Magazine’s 50 Best Places to Work list
You will have the opportunity to challenge yourself and have a high degree of responsibility and impact
Your daily tasks will change often and give you many opportunities to grow your professional and technical skillset and advance your career
Education & Training
Hands-on low-code application development training via Company University.
Sponsorship for Project Management Institute’s (PMI) Citizen Developer certification program.
Security and/or compliance certification and continuing education assistance.