Skip to content

Security Engineer#

Description#

A Security Engineer is responsible for handling the everyday tasks within amazee.io’s Security team. As a part of that team, the person holding this role is expected to test and implement new technologies to improve the security of amazee.io’s systems; document processes, procedures, and testing outcomes; and to handle security issues as they arise. Some technical acumen is required and ample technical challenges exist for a person in this position to excel at development tasks.

Responsibilities#

  • Help to define the overall security posture of amazee.io in coordination with the CTO, CISO, other members of the Security team, and Management
  • Assist with the implementation of tools, improvements, and changes together with the Platform and IT teams
  • Assist with configuration changes required to ensure compliance with various certifications as required by the IT team
  • Assist with planning and coordinating any security testing of amazee.io infrastructure and any follow on work based on discoveries during such testing
  • Assist with responding to security incidents and writing Root-Cause Analysis reports afterwards
  • Maintain appropriate contacts with suitable legal authorities and membership in relevant professional groups
  • Support the definition and execution of amazee.io’s cybersecurity strategy in conjunction with other members of the Security team, the Platform team, and the IT team

Non-responsibilites#

  • Fixing identified security issues

Requirements#

  • 3 years+ of Systems Administrator experience or similar, preferably with *nix systems
  • 1 year+ experience in administration of Kubernetes and/or OpenShift clusters
  • 1 year+ experience with at least one scripting language (BASH, Python, Perl, PHP)
  • Advanced knowledge of at least one OS (*nix, OSX, or Windows)
  • Some familiarity with InfoSec certifications (ISO27001, PCI, SOC2, etc.)
  • Experience with IT security and cybercrime prevention
  • Structured mindset, desire to plan ahead and mitigate bottlenecks and cyberattacks
  • Ability to analyze problems efficiently and effectively; you stay calm and focused when outages and incidents occur
  • Ability to work both independently and as part of a team
  • Super comfortable reading, writing, and communicating in English

Bonus Points#

  • Industry certifications (Security+, CySA, CEH, KSP)
  • Formal education in Cybersecurity (Master or Baccalaureate level degree)
  • Bonus Points for having found a security issue in Lagoon

Up-Leveling#

Employees who currently serve as Platform Engineers will gain many of the skills required to excel as a Security Engineer as they gain more experience with and exposure to the systems which power the Lagoon platform. These are the basic qualifications required before a move from the role of a Platform Engineer to that of a Security Engineer could be considered:

  • At least one year of experience as a Platform Engineer at amazee.io
  • At least three years of experience as a Platform Engineer overall
  • A strong desire to work in InfoSec
  • A written positive recommendation from the employee’s lead
  • Some form of either an industry certification (Sec+, CySA, CEH, KSP, etc.) or relevant education (proof of completion of a college level course in Cybersecurity or the completion of a reasonably advanced Cybersecurity focused online learning program)
  • Bonus Points for having found a security issue in Lagoon or the amazee.io platform