You will work with other engineers to...
- ...act as SME of infrastructure security, and architect security services.
- ...automate Linux builds using AMIs, Ansible and Packer.
- ...configure and manage AWS resources using Terraform.
- ...plan and execute infrastructure changes in a fault-tolerant way.
- ...implement CUECs published by our vendors on our systems.
- ...create and maintain system tooling in Python and/or Bash to empower yourself and others.
- ...automate collection of compliance information for audit reports.
- ...work an on-call shift one week out of six.
- ...work with stakeholders to plan and implement new systems that meet everyone's needs.
- ...refactor existing infrastructure to make it more reliable, secure, and efficient.
- ...continuously improve our processes to make them as humane and effective as possible.
You have experience...
- ...planning and managing security infrastructure on AWS and in Linux.
- ...automating tasks with Bash and Python, and deploying infrastructure with Terraform.
- ...with compliance programs like SOC2, NIST800-171, PCI, or HIPAA.
- ...with tools like SEIM, IDS/IPS, WAF, and Endpoint Security.
- ...approach problems with curiosity, flexibility, and persistence.
- ...have strong written and spoken English language skills.
- ...be a 1x engineer that writes understandable tools and documents their work, doesn’t know everything but never stops learning, and who believes in and builds up their work community.
- ...be based in US or Canada, with extremely infrequent travel to the US for in-person meetings.
It would be a plus if you have
- ...experience working with Ansible, Packer, Vagrant, or similar infrastructure management tools.
- ...willingness and flexibility to work on everything from writing high level infosec policy to rolling out endpoint security on developer laptops.
- ...an interest in reliability engineering and/or immutable infrastructure.