Security Engineer

This is a fully remote position, open to applicants in New York.

📋 Description

• Develop, maintain, and support secure automation and operational engineering solutions in both on-premises and cloud environments.

• Design and implement operational workflows and remediation capabilities that enhance efficiency, consistency, and resilience across security and infrastructure processes.

• Safeguard critical infrastructure in adherence to privacy, security, business resiliency, and compliance frameworks as stipulated.

• Provide practical engineering support for security systems, platform integrations, and configuration administration to enhance reliability and mitigate operational risk.

• Collaborate with key stakeholders to ensure operational requirements, engineering standards, and support considerations are integrated into platform deployments.

• Document, standardize, and enhance engineering processes that strike a balance between security, operational stability, and business requirements.

• Foster relationships with infrastructure and development teams to embed security principles into engineering design and implementations.

• Cultivate partnerships with IT production and engineering teams.

• Evaluate operational challenges, pinpoint automation and integration opportunities, and execute enhancements across infrastructure and security platforms.

• Design and implement scalable and maintainable enterprise-grade solutions utilizing existing toolsets.

• Architect, engineer, and create innovative on-premises and cloud-based solutions with established technology stacks.

• Collaborate with our team to develop user stories for key security initiatives and support delivery from conceptualization to implementation.

• Engage with stakeholders throughout project planning and execution to ensure alignment on requirements, security expectations, and implementation results.

• Produce high-quality technical documentation, including automation tools, reference architectures, and baselines to assist our partners in building upon our work.

• Participate actively in change and project management meetings.

• Mentor and invest in the growth of team members.

• Perform additional duties as assigned.

⛳️ Requirements

• Bachelor's degree in technology, computer science, engineering, or equivalent professional experience.

• At least 5 years of experience in operational engineering, automation, security engineering, systems administration, or a related technical field.

• Intermediate or advanced proficiency in Python and PowerShell development, including practical scripting, object-oriented programming, module and package distribution, as well as independent troubleshooting and debugging.

• Practical experience with DevOps and CI/CD methodologies, including source control platforms like GitHub or GitLab and pipeline development.

• Strong knowledge of networking, encompassing micro-segmentation, firewalls, packet capture analysis, troubleshooting, and hybrid cloud/on-premises/zero trust environments.

• Hands-on experience utilizing REST APIs, including secure integration patterns and best practices for automating across diverse tools.

• Comprehensive understanding of network security best practices, secure connectivity patterns, and fundamental network protocols.

• Practical experience with network traffic analysis tools such as Wireshark, tcpdump, and NetFlow data.

• Experience in supporting and engineering solutions on Microsoft Azure and Amazon Web Services (AWS), including operational administration and integration.

• Familiarity with container technologies and platforms, such as Docker, Podman, or Kubernetes development and deployments.

• Detailed knowledge of Kubernetes architecture and security, containerization, infrastructure as code, and enterprise automation practices.

• Awareness of secrets management practices, including secure retrieval and use of secrets from a centralized secrets platform.

• Preferred experience with ServiceNow administration or development, encompassing scoped applications, Flow Designer, and catalog item development.

• Understanding of security frameworks and practices including NIST, OWASP, CIS, CVSS, the MITRE ATT&CK framework, and secure software development lifecycle principles.

• Familiarity with relevant DevOps tools such as Terraform, Git, Jenkins, Nexus Repository Manager, and related platforms is preferred.

• Excellent communication skills, with the capacity to collaborate with a diverse range of stakeholders and clearly articulate complex technical topics.

• Ability to think strategically and tactically, act as a motivated self-starter, and be acknowledged as a technical leader within the security organization.

• Preferred certifications include CCSK, CCSP, CISSP, or equivalent security credentials.

🏝️ Benefits

• Medical, dental, and vision coverage

• Wellness plans

• Parental leave

• Adoption assistance

• Tuition reimbursement

• Paid Time Off and paid holidays

• 401(k) plan with company match

• Employee stock purchase plan

• Commuter benefits