Security Production Engineer
PhishMe is seeking an experienced Security Production Engineer. As a Security Production Engineer, you will play a critical role in effectively building, maintaining and improving the security of our organization's systems, platform, and infrastructure. You will be responsible for the development/deployment of tooling that will support monitoring and managing security in our environments. You will also work with other security-focused engineers to manage traditional systems and network security tools such as web application firewalls, DDoS service, HIDS and more, designed to protect our customers and business against malicious external attacks.
You will have the opportunity to influence and design current strategies and procedures for securing our environments. You will directly influence the configuration and deployment process of our application, and create tools to improve our processes, monitoring and application infrastructure.
This role will report to a Director of Production Engineering.
This is a full-time position working for PhishMe, Inc. Outsourced or software development contractors will not be considered.
- Work across engineering and development teams to establish and enforce security practices and procedures in the building of environments and deployment of code
- Implementation, configuration, and management of security tooling for hosts and applications
- Perform vulnerability identification and remediation including patch management for systems and networks
- Management of AWS Security including best practices, security groups, user access
- Management and configuration of security tooling including web application firewall, HIDS, VPN, and more
- Remediation of reported infrastructure or platform vulnerabilities, exploits, and threats
- Management of user access, roles, and permissions to critical services
- System hardening according to industry best practices
- Cross-team work with the various product offerings within PhishMe
- Provide support to Sales Engineering in developing responses to RFP/RFQs
Your general milestones are as follows:
- Within the first month – while working with engineers on the teams, be able to jump head-first into enhancing the platform and ask the appropriate questions / do the appropriate research to identify the general functions and behaviors of the system. (You have built out a local development environment and will participate in some of the regular/operational tasks. As part of that participation, you will improve upon the process and document it, bringing your experience/perspective.)
- Within three months – have proficient knowledge of the platform and be able to take the reins around backlog items and appropriately develop and implement solutions to the platform. (You will have either written a new Chef Cookbook/Ansible Role or optimized an existing one. You will have deployed or modified existing AWS infrastructure via Terraform.)
- Within six to nine months – be able to navigate the full stack of the platform and supporting components, contributing directly to engineering discussions that affect the current and future state of the applications. Essentially, contributing to the team at your full capacity. (You have determined gaps/inefficiencies within PhishMe and have written an engineering case to justify the mitigation of these concerns. You will design/build/document this solution using your language of choice (assuming code is involved) and all system/infra will be deployed with Chef/Ansible and Terraform.) You will have completed an integration between GitLab and JumpCloud to support onboarding new employees.
The above statements are neither intended to be an all-inclusive list of the duties and responsibilities of the job described, nor are they intended to be a listing of all of the skills and abilities required to do the job. Rather, they are intended only to describe the general nature of the job. This job description is not a contract of employment, either express or implied. Employment with PhishMe will be voluntarily entered into and your employment is considered at will. PhishMe reserves the right to alter the job description at any time without notice.
- You need to be always shipping - writing code, remediating vulnerabilities (or assisting), documenting, solving problems or assisting development/operations
- Comfortable with a fast-moving development pace
- Chef and/or Ansible (bonus points for InSpec)
- CentOS / Ubuntu background
Successful applicants must demonstrate:
- A strong interest in the field of information security
- A good knowledge of IT security fundamental concepts
- Actively working / participating in a DevOps environment
Additional experience that would be preferable:
- AWS environment builds/security groups
- GitHub/Git usage
- Signal Sciences, JumpCloud, Jenkins, OSSEC HIDS and Zscaler
- SANS Certs
- Competitive salary and incentive stock options
- 401k plan with company match
- Health, vision, dental, disability, and life insurance
- Telecom expense reimbursement
- Full-time Telecommute (The United States only)
PhishMe is committed to equal employment opportunity. We will not discriminate against employees or applicants for employment on any legally recognized basis [protected class] including, but not limited to: veteran status, uniform service member status, race, color, religion, sex, national origin, age, physical or mental disability, genetic information or any other protected class under federal, state, or local law.