Security Engineer, Blue Team at Olo
At Olo we develop an online food ordering platform used by many of the country’s largest restaurant chains, reaching millions of consumers. Chances are if you’ve ordered directly from a restaurant brand’s app or website, we’ve made that happen. Mobile ordering and payments is an exciting and active industry full of interesting players and yet still a relatively untapped market ripe for disruption. We’re quite up-front about the technical challenges our business faces. Running a platform with multiple white-labeled front-ends, that maintains real-time connections into thousands of restaurants’ POS systems, and coordinates complex transactions between these and other third parties (such as payment gateways and gift card providers) is not for the faint of heart! We take great pride in the reliability, security, and performance of our systems and services. We are looking for a talented Security Engineer with experience in a Blue Team role to help us fortify our defenses and protect the systems that enable hungry people to order their food quickly and securely.
In the role of Senior Security Engineer, you will design and implement the security defenses that enable our systems to keep running while protecting the data of our clients and their customers.
- Detect and defend against attacks against our SaaS platform and employees.
- Respond to alerts, events, and incidents per our specified procedures
- Continuously improve our alert configuration and incident response procedures.
- Proactively explore logs for unusual activity and explore hosts and configuration for weaknesses.
- Lead remediation efforts from Red Team findings.
- Review patching, firewall rules, and server configurations together with the Infrastructure team.
- Work with third party PCI and SOC auditors to provide evidence of compliance.
- Support and lead AV, IAM, and Endpoint technology and deployments. Help automate patching and task automation of servers and desktops.
- Interact with IT operational and development teams to advise on, coordinate and track mitigation and remediation activities.
- Conduct Blue Team exercises and Computer Network Defense drills in order to evaluate and improve processes and technologies related to threat detection, incident response, patching, remediation and user training.
- Maintain vulnerability management solutions to ensure endpoints are compliant with security guidelines.
- Help diligence third party software and SaaS tools for our approved vendor list.
- Conduct forensic analysis
- Assist in detecting and preventing fraud.
- Proactively identify and implement improvements to our tools and processes.
- Automate as much of your job as possi
- Solid depth and breadth of experience with AWS cloud security best practices and Infrastructure-as-Code (e.g. Terraform, Ansible, CloudFormation or similar.)
- Experience securing an Internet-facing SaaS application developed in-house.
- Previous Blue Team experience
- Proficient in current security technologies, including advanced anti-malware solutions, network forensics, and detection solutions.
- Proven experience developing and leading remediation / mitigation activities, and providing status updates and reports.
- Experience with Windows Desktop, Windows Server, macOS, and Linux operating systems and system administration – specifically with regard to hardening, detection, patching and compliance.
- Experience with both hardware and AWS networking configuration (switches, firewalls, security groups, etc).
- Deep understanding of networking concepts such as DMZs, subnets, VLANs, proxies, private IP addressing and NAT; protocols, ports and common services, such as TCP/IP network protocols and application layer protocols (e.g. HTTP/S, DNS, SSH, SMTP, Active Directory etc.)
- Some basic development and scripting experience.
- Up up-to-date knowledge of information technology and cyber security standards, trends, and issues.
- Experience deploying, maintaining, and administering security technologies including log management systems, DLP systems, IDSs, WAFs, EDR, FIM, etc.
- Experience with PCI and/or SOC compliance highly beneficial.
- CISSP or equivalent certification preferred.
Olo powers digital ordering and delivery programs that connect restaurant brands to the on-demand world, placing orders directly into the restaurant through all order origination points – from a brand’s own website or app, third party marketplaces, social media platforms, smart speakers, and home assistants. Olo serves as the on-demand ordering and delivery platform across 70,000 locations for over 300 brands, such as Applebee’s, Checkers & Rally’s, Cheesecake Factory, Chili’s, Dairy Queen, Denny’s, Five Guys Burgers & Fries, Jamba Juice, Noodles & Company, Portillo’s Hot Dogs, Shake Shack, sweetgreen, Wingstop, and more. Learn more at www.olo.com.
Olo is located on the 82nd floor of One World Trade Center. We offer great benefits, such as 20 days of Paid Time Off, fully paid health, dental and vision care premiums, stock options, a generous parental leave plan, and perks like FitBits, rotating craft beers on tap in our kitchen, and food events featuring our clients' menu items (now you know why we give out FitBits!). Check out our culture map: https://www.olo.com/images/culture.jpg.
We encourage you to apply!
At Olo, we know a diverse and inclusive team not only makes our products better, but our workplace better. Many groups are consistently underrepresented across the tech sector and we are fully committed to doing our part to move the needle.
Olo is an equal opportunity employer and diversity is highly valued at our company. All applicants receive consideration for employment. We do not discriminate on the basis of race, religion, color, national origin, gender identity, sexual orientation, pregnancy, age, marital status, veteran status, or disability status.
If you like what you read, hear, and/or know about Olo, and want to be a part of our team, please do not hesitate to apply! We are excited to hear from you
Please let the company know you found this position on remote-developer-jobs.com so we can keep providing you with quality jobs.
See related remote developer jobs