SecurEnds has emerged as CISOs leading choice of IGA SaaS software. We strive for best-in-class security for our product offerings. At SecurEnds, we are looking for a self-motivated Security Engineer to join our growing team at SecurEnds HQ in Atlanta.
As a Security Engineer with a strong DevOps and Cloud mindset, you will be responsible for operational aspects of security at SecurEnds, including system hardening, detection, and identify risks. This role will also protect the company and its employees from the numerous risks that they face, enabling them to work productively and safely using state-of-the-art tooling.
• Determines security requirements by evaluating production infrastructure design and requirements; researching and developing information security policy, standards and guidelines; conducting system security assessments.
• Deploy and improve tools for conducting periodic security checks of critical workday infrastructure, services, and applications; tools in our inventory include those we build, buy as well as those derived from open source projects.
• Own third-party/alliance assessments, use threat intelligence, analysis of anomalous log data and results of historical events and data to detect threats
• Evaluate, recommend, and implement security solutions and practices that protect company services and information assets; help the company manage risks and meet compliance obligations
• Develop security controls and processes that align with company policies and regulatory requirements
• Serve as the subject matter expert and point of escalation on the Security team Partner cross-functionally to ensure security technologies are actively managed and fully leveraged
• BS in Computer Science/related degree or equivalent work experience
• 10+ years in the information technology field with 7+ years focused on security disciplines CISSP or other security certifications helpful, but not required
• Extensive experience in monitoring, detecting, reporting security weaknesses and enforcing information security policies and best practices in a corporate environment using tools
• Experience with compliance/certification frameworks such as ISO27001, SOC2, FedRAMP, SOX, GDPR from a Product Security standpoint.
• Knowledge of securing public and private cloud infrastructure (Openstack, Kubernetes, AWS, Azure and GCP experience)
• Expert knowledge of security technologies, including firewalls, IDS/IPS, SIEM, VPNs, encryption, AWS IAM, network and application vulnerability assessment Knowledge of Linux, Mac, and Windows operating systems, web technologies, database systems, networking principles, access control methods, and security concepts
• Ability to innovate and find creative solutions that balance the needs of the business with the needs of security
Advanced understanding of information security principles and practices