Security Engineer

Description

A Security Engineer is responsible for handling the everyday tasks within amazee.io’s Security team. As a part of that team, the person holding this role is expected to test and implement new technologies to improve the security of amazee.io’s systems; document processes, procedures, and testing outcomes; and to handle security issues as they arise. Some technical acumen is required and ample technical challenges exist for a person in this position to excel at development tasks.

Responsibilities

  • Help to define the overall security posture of amazee.io in coordination with the CTO, CISO, other members of the Security team, and the MGMT

  • Assist with the implementation of tools, improvements and changes together with the Platform and IT teams

  • Assist with configuration changes required to ensure compliance with various certifications as required by the IT team

  • Assist with planning and coordinating any security testing of amazee.io infrastructure and any follow on work based on discoveries during such testing

  • Assist with responding to security incidents and writing Root-Cause Analysis reports afterwards

  • Support the definition and execution of amazee.io’s cybersecurity strategy in conjunction with other members of the Security team, the Platform team, and the IT team.

Non-responsibilites

  • Fixing identified security issues

Requirements

  • 3 years+ of Systems Administrator experience or similar, preferably with *nix systems

  • 1 year+ experience in administration of Kubernetes and/or OpenShift clusters

  • 1 year+ experience with at least one scripting language (BASH, Python, Perl, PHP)

  • Advanced knowledge of at least one OS (*nix, OSX, or Windows)

  • Some familiarity with InfoSec certifications (ISO27001, PCI, SOC2, etc.)

  • Experience with IT security and cybercrime prevention

  • Structured mindset, desire to plan ahead and mitigate bottlenecks and cyberattacks

  • Ability to analyze problems efficiently and effectively; you stay calm and focused when outages and incidents occur

  • Ability to work both independently and as part of a team

  • Super comfortable reading, writing, and communicating in English

Bonus Points

Industry certifications (Security+, CySA, CEH, KSP) Formal education in Cybersecurity (Master or Baccalaureate level degree) Bonus Points for having found a security issue in Lagoon

Up-Leveling

Employees who currently serve as Platform Engineers will gain many of the skills required to excel as a Security Engineer as they gain more experience with and exposure to the systems which power the Lagoon platform. These are the basic qualifications required before a move from the role of a Platform Engineer to that of a Security Engineer could be considered:

  • At least one year of experience as a Platform Engineer at amazee.io

  • At least three years of experience as a Platform Engineer overall

  • A strong desire to work in InfoSec

  • A written positive recommendation from the employee’s lead

  • Some form of either an industry certification (Sec+, CySA, CEH, KSP, etc.) or relevant education (proof of a college level course in Cybersecurity or the completion of a reasonably advanced Cybersecurity focused online learning program)

  • Bonus Points for having found a security issue in Lagoon or the amazee.io platform