Handbook
Search…
Security Engineer

Description

A Security Engineer is responsible for handling the everyday tasks within amazee.io’s Security team. As a part of that team, the person holding this role is expected to test and implement new technologies to improve the security of amazee.io’s systems; document processes, procedures, and testing outcomes; and to handle security issues as they arise. Some technical acumen is required and ample technical challenges exist for a person in this position to excel at development tasks.

Responsibilities

    Help to define the overall security posture of amazee.io in coordination with the CTO, CISO, other members of the Security team, and the MGMT
    Assist with the implementation of tools, improvements and changes together with the Platform and IT teams
    Assist with configuration changes required to ensure compliance with various certifications as required by the IT team
    Assist with planning and coordinating any security testing of amazee.io infrastructure and any follow on work based on discoveries during such testing
    Assist with responding to security incidents and writing Root-Cause Analysis reports afterwards
    Support the definition and execution of amazee.io’s cybersecurity strategy in conjunction with other members of the Security team, the Platform team, and the IT team.

Non-responsibilites

    Fixing identified security issues

Requirements

    3 years+ of Systems Administrator experience or similar, preferably with *nix systems
    1 year+ experience in administration of Kubernetes and/or OpenShift clusters
    1 year+ experience with at least one scripting language (BASH, Python, Perl, PHP)
    Advanced knowledge of at least one OS (*nix, OSX, or Windows)
    Some familiarity with InfoSec certifications (ISO27001, PCI, SOC2, etc.)
    Experience with IT security and cybercrime prevention
    Structured mindset, desire to plan ahead and mitigate bottlenecks and cyberattacks
    Ability to analyze problems efficiently and effectively; you stay calm and focused when outages and incidents occur
    Ability to work both independently and as part of a team
    Super comfortable reading, writing, and communicating in English

Bonus Points

Industry certifications (Security+, CySA, CEH, KSP) Formal education in Cybersecurity (Master or Baccalaureate level degree) Bonus Points for having found a security issue in Lagoon

Up-Leveling

Employees who currently serve as Platform Engineers will gain many of the skills required to excel as a Security Engineer as they gain more experience with and exposure to the systems which power the Lagoon platform. These are the basic qualifications required before a move from the role of a Platform Engineer to that of a Security Engineer could be considered:
    At least one year of experience as a Platform Engineer at amazee.io
    At least three years of experience as a Platform Engineer overall
    A strong desire to work in InfoSec
    A written positive recommendation from the employee’s lead
    Some form of either an industry certification (Sec+, CySA, CEH, KSP, etc.) or relevant education (proof of a college level course in Cybersecurity or the completion of a reasonably advanced Cybersecurity focused online learning program)
    Bonus Points for having found a security issue in Lagoon or the amazee.io platform
Last modified 3mo ago