Security Engineer, Sr.

OVERVIEW:  Our client is urgently looking for a Sr. Security Engineer. The ideal candidate for this role will be able to handle the following duties and responsibilities for the company:  Assist in designing, building, and reviewing security-related services and functionality of web applications, mobile applications, and desktop applications Scope and perform security reviews of web applications, mobile applications, desktop applications, and private and public cloud environments Provide engineers with well-researched security advice to demonstrate vulnerabilities and provide secure development guidance Assist in the triage of vulnerabilities that are found internally, privately or publicly disclosed, or reported through our bug bounty program Produce research and collaborate with our peers in the broader cyber-security industry Constantly question existing security practices and routines, and update, replace, or automate them Some example projects: Building a Rails application for securely sharing secrets Architecting, building, integrating, and deploying a secrets management solution for product infrastructure Designing and implementing SDLC within an agile development workflow Internal pentest of web applications and corresponding infrastructure REQUIREMENTS FOR THE ROLE:  4+ years of experience in Software Engineering, System Administration, or Security Engineering, with at least one ofthose years in a security-focused role Experience with the following technologies: MVC Web Frameworks (Ruby on Rails, Django, Phoenix) Webservers (Apache, Nginx) Relational Databases (PostgreSQL, MySQL) Cloud Computing (OpenStack, AWS) Knowledge and understanding of security concerns from the low level networking up to Javascript running in a web browser Thorough knowledge of Linux from a user and operator prospective Offensive mindset and the ability to think of and consider abuse and attack paths as well as the defensive mindset tothink of recommendations to prevent them Enthusiastic and quick learning of complex systems and open source software Comfortable working with continuous integration/delivery and agile development teams Able to work collaboratively across diverse engineering teams and products to meet organizational security goals Bonus Points: Experience with conducting threat assessments, building threat models, and creating remediation plans based on theresults of threat assessments OSCP Certification Networking protocol knowledge (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols) Experience with the following technologies: Hashicorp Technologies (Consul, Terraform, Vault, Packer) Containers and Container Management (Docker, Kubernetes) In-Memory Caches (Memcache, Redis) Full Text Search (ElasticSearch, Solr) Config Management (Puppet, Ansible, Salt) Job Number: 17777
Salary Range: NA
Minimum Qualification
5 - 7 years

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.

More Jobs

Sr.Information Security Engineer
Sr. Application Security Engineer
El Segundo, CA Cetera Financial Group
Sr. Network Security Engineer
San Jose, CA eclaro
Sr Information Security Engineer/Consultant
Costa Mesa, CA AAA of Southern California
Sr. Security Engineer (Linux/AWS)
Santa Monica, CA Modis
Sr Cloud Security Engineer
Santa Clara, CA netSkope