You will provide engineering and operational support for leading security tools, as well as deploying and running services that make full use of public cloud services.
You will provide engineering support in the following areas:
You will support security verticals (product, workforce, operations and compliance) executing the security roadmap based on Next Insurance‘s priorities and initiatives.
You will maintain the engineering team’s operational level engagement to detect and respond to critical security service delivery issues.
You will perform technical evaluations to identify coverage gaps in existing information security capabilities.
Work with business owners and support the development and deployment of solutions that are in alignment with the business priorities.
You will provide security infrastructure deployment, service maintenance, change control, support and system resiliency.
Achieve a deep knowledge of our product architecture and real-world usage patterns in order to gain better business insight on what solutions will deliver the best value for the team.
You possess the ability to accurately assess problems from multiple perspectives, analyze approach feasibility, and decide on the optimal course of action.
Possess and nurture a red tam mentality: Being able to visualize issues and possible solutions outside the box.
You have start-up DNA: You have demonstrated an ability to thrive in a dynamic start-up environment or have the DNA to do so.
Engineering experience in driving security and compliance initiatives
Achieve security engineering’s goals / objectives that drive engineering projects by taking ownership and delivering results.
3 or more years of security experience in one or more of these critical areas: network security, engineering, operations.
Understand security concepts in AWS cloud and familiarity with available AWS security tools, such as Inspector, GuardDuty, Config, CloudWatch, etc.
Familiar with log management and security analytics tools, including open source tools such as ELK, Greylog, etc.
Experience with integrating security in the CI/CD pipeline (running unit tests, running security tools, managing secrets using Vault) using configuration management and automation tools such as Jenkins, Ansible, Terraform, etc.
Good understanding of computer networking, routing, and protocols.
Good understanding of information security architecture, mitigation of threats, and compensating controls.