Company offers the most-trusted app building platform for anyone looking for a better way to work. Company gives businesspeople and IT experts the ability to easily build and integrate apps to track, manage, and automate processes in days, not weeks. Our customers make lasting and substantial improvements to their business using Company’s low-code application development platform — and they love getting the industry’s best customer experience every step of the way. We are looking for an enthusiastic Security Engineer to supplement our InfoSec team as we continue to automate and improve our security program.
The Security Engineer combines proven integration and automation skills with a passion for security. This role will have significant input to our security orchestration and automated response (SOAR) capabilities. The position is highly collaborative and requires excellent communication, project management, and teamwork.
The Security Engineer reports to the Director, Information Security. The position is fully remote with occasional travel corporate HQ in Denver, Colorado. Responsibilities
Serve as lead technical resource for assigned security tools and services.
Lead efforts to automate cloud inventory processes.
Lead efforts to implement aspects of our SOAR strategy.
Participate in security event investigation and/or incident response.
Support security metrics through automated testing of security controls.
Contribute to information security planning, e.g., strategy, standards.
Support compliance efforts by producing artifacts from security tools and services.
Collaborate with Operations on cloud environment and customer data security.
Collaborate with IT on corporate network, endpoint, and corporate data security.
Collaborate with HR to create a culture of security awareness.
Maintain awareness and knowledge of emerging security threats and vulnerabilities.
Maintain awareness and knowledge of AWS services and cloud security best practices.
Maintain awareness and knowledge of major information security frameworks/guidance, e.g., CSA Controls Matrix, NIST CSF, FedRAMP.
An attitude of “Problems are opportunities!” and “Manual work is tech debt!”
A passion for process improvement, efficiency, and automation.
Proven integration and automation skills via REST APIs and microservices.
1 - 3 years of development and/or automation experience, preferably with Python.
Familiarity with open-source or commercial integration platforms. Experience with Workato is a plus.
Familiarity with version control. Experience with GitLab is a plus.
Strong Linux skills.
Experience with open-source or commercial SIEM, IDS/IPS, and vulnerability scanning solutions.
Familiarity with security exploits, threats, and adversarial tactics, e.g., OWASP Top 10, MITRE ATT&CK.
Experience working in AWS environments.
Excellent critical thinking and problem-solving skills. You can contribute to spirited, yet professional, debate.
Self-managed. Excellent planning, and time management skills.
Experience working within Agile and Kanban frameworks.
Bachelor’s degree in Computer Science, Computer Information Systems, Information Assurance, or related.