The Security DevOps / Production Engineer is responsible for playing a critical role in effectively building, maintaining and improving the security of our systems, platform, and infrastructure deployed in AWS and in On Premise security appliances.
This role has the opportunity to influence and design current strategies and procedures for securing our environments. You will directly influence the application configuration, deployment process of our application and create tools to improve our processes, monitoring and application infrastructure to implement a SecDevOps approach that is integrated into the deployment pipelines, continuous, and low-friction where security cannot be a blocker.
· Develop and deploy tools and processes that for securely managing environments used by Cofense Simulator, Triage, and other SaaS and Managed Service offerings.
· Work with other security-focused engineers, production engineers, and software engineers to manage traditional systems and network security tools such as web application firewalls, DDoS service, HIDS while working to integrate security into dynamic cloud environments that leverage AWS services and Docker.
· Work across multiple production engineering and development teams to establish, enforce, and socialize security practices and procedures in the building of environments and deployment of code · Implement, configure, and manage of security tooling for hosts and applications and cloud services · Perform vulnerability identification and remediation including patch management for systems and networks · Objectively assess risks based on business critical of system and data assets · Manage and monitor AWS account security including best practices, security groups, user access · Manage and configure of security tooling such as web application firewall, HIDS, VPNs. · Manage of user access, roles, and permissions to critical services · Harden systems and cloud infrastructure according to industry best practices such as CIS · Implement security controls to address compliance requirements such as SOC2, ISO, HIPPA, and GDPR. · Cross-team work with the various product offerings within Cofense · Provide support to Sales Engineering in developing responses to RFP/RFQs · Other duties as assigned Knowledge, Skills and Abilities Required · Solid knowledge of Enterprise security fundamentals and how they must to be adapted DevOps/Cloud Environments · Ability to analyze security event and vulnerability findings from disparate sources (network, application, operating system, etc.) using a variety of manual and automated tools and processes · Comfortable with a fast-moving development pace where security cannot be a blocker · Knowledge of AWS Cloud Infrastructure (EC2, VPC, ELB, RDS) and security technology (security groups, CloudTrail, VPC Flow Logs, CloudWatch) · Familiarity with automated configuration management such as Puppet, Chef, or Ansible · Strong Linux (CentOS/Ubuntu) background with experience working in large AWS deployments · A strong interest in the field of information security principles · Docker CLI familiarity and knowledge of repositories and container management preferred · Familiarity with Jenkins, Git, Artifactory preferred
Education and/or Experience:
· Python, Java or Ruby development background preferred · Experience automating tasks in AWS using CloudFormation or Terraform preferred · Experience automating AWS tasks with Lambda Functions preferred · Experience Non-AWS Cloud providers such Azure or GCE preferred · Experience with Signal Sciences, JumpCloud, Jenkins, OSSEC HIDS and Zscaler preferred