Senior Production Security Engineer (Remote US)
Company: Anomali
Location: Redwood City
Posted on: January 21, 2023
|
|
Job Description:
Senior Production Security Engineer (Remote US) Anomali, founded
in 2013, is the recognized leader in intelligence-driven
cybersecurity. More than 1,500 public and private sector
organizations rely on Anomali to see and detect threats more
quickly, reduce the risk of security breaches, and improve security
operations productivity. Anomali solutions serve customers around
the world in nearly every major industry vertical, including many
of the Global 2000. As an early threat intelligence innovator,
Anomali was founded in 2013 and is backed by leading venture firms
including GV, Paladin Capital Group, In-Q-Tel, Institutional
Venture Partners, and General Catalyst. Learn more at -
www.anomali.com . - Quite simply our sole mission is to help make
enterprises more secure and maximize the return on their security
investments. Anomali helps organizations find and respond to cyber
threats. We bring to your security and threat intelligence teams
the one thing that's been missing - external context. With Anomali
you can now identify suspicious or malicious traffic before it even
reaches your network. We turn threat intelligence into your cyber
no-fly list, and seamlessly integrate this with your existing
internal security and IT systems. Overview: Anomali is looking for
a hands-on senior cloud security engineer to improve and maintain
our security posture. We are looking for someone with 10+ years'
experience in Security with a deep understanding of various
technologies in the security domain. This role will require someone
passionate about DevSecOps, with an accomplished background in
secure software engineering, with strong exposure to cloud platform
security practices. A passion for building secure world-class
infrastructure and tooling in terms of reliability, scalability,
and accessibility will be paramount. The person in this role will
help implement a capability driven, highly automated approach to
our security operations, monitoring & detection, incident response
capabilities, and our overall information security risk management
program efforts. A successful person in this role will be an
individual who is an avid problem solver with a background in
systems design, architecture and compliance and is one who loves an
environment focused on software engineering practice excellence,
code reviews and regular pairing. Possess excellent communication
skills, as well as being happy to collaborate with others, guiding
and mentoring where needed. A strong background with CI/CD
pipelines and security related tooling Responsibilities
---Administration of Certificate Lifecycle Management Services and
infrastructure ---Administration of Encryption and Key Management
Services and infrastructure ---Administration of Key Vaults, Cloud
Cryptographic and PKI Services ---Multi-cloud IAM integration and
administration ---Integration, validation and automation across
cryptographic frameworks ---Evaluate cryptographic tools, products
and frameworks ---Troubleshoot cryptographic anomalies, and issues
across the enterprise ---Negotiating and liaising with different
technology teams within the organization. ---Facilitate and embed
security controls across our infrastructure and into our CICD
pipelines. ---Set up monitoring dashboards, alerts, log management,
and other security operations capabilities by utilizing industry
standard tools and platforms (SIEMs) alongside our currently
deployed toolsets/platforms. ---Help enhance Incident Response
capabilities including Runbooks, reputation management, etc.
Qualifications Specific Experience needed to be successful in this
role: ---Knowledge of IAM concepts, including but not limited to
provisioning, RBAC, SCIM, LDAP, and governance and authorization
standards ---Experience with identity governance platforms
---Experience with federated identity platforms/products
---Knowledge of current Identity providers and protocols such as
Oauth 2.0, OpenID Connect, and SAML 2.0. Tokenization.
---Experience with authorization protocols like XACML and UMA
---Experience with Privileged Access Management ---Experience with
API security and public cloud APIs & integration ---Understanding
of information security architecture, mitigation of threats, and
compensating controls. Deep familiarity with frameworks such as
NIST 800-53, ISO 27001. ---Experience with and proven methods for
managing the information security incident lifecycle, including
incident response, mitigation, after-action reporting, and mapping
a path forward. ---Strong understanding of static analysis, dynamic
analysis and toolsets surrounding both. ---Excellent oral and
written communications skills for working with varying levels of
technical experience. ---Strong Programming experience in one of
the high-level languages - Python/Perl/Go. ---Proven ability to
independently identify and resolve critical and complex issues
through effective problem-solving skills ---Ability to combine
information from various sources into clear, concise technical
documents that explain the background and procedures for detecting
and mitigating risks. Preferred candidates will have a master's
degree in computer science/Computer Engineering /Cyber security or
in a relevant field to be successful. It is our policy to ensure
that all eligible persons have equal opportunity for employment and
advancement on the basis of their ability, qualifications and
aptitude. We select those suitable for appointment solely on the
basis of merit without regard to an individual's disability, race,
religion, sex, age or sexual orientation. Monitoring is carried out
to ensure that our equal opportunity policy is effectively
implemented. If you are interested in applying for employment with
Anomali and need special assistance or accommodation to apply for a
posted position, contact our Recruiting team at
-recruiting@anomali.com .
Keywords: Anomali, Redwood City , Senior Production Security Engineer (Remote US), Engineering , Redwood City, California
Click
here to apply!
|