We are looking for an experienced, talented, and motivated Cloud SecOps Engineer with strong experience in the secure delivery of AWS-based Linux and Windows workloads, and related systems and processes.
The role involves broad governance, risk, and compliance responsibility for evaluating systems, providing recommendations, supporting the SOC2 and TX-RAMP compliance programs, and mitigating issues to ensure the security of the Encoura systems.
You will be a key member of a small, skilled, results-oriented team of technology professionals tasked with ensuring our systems and data are protected.
The candidate should be detail-oriented and able to quickly evaluate processes and systems to optimize security controls and practices.
This role partners with application development teams and DevOps Engineers in the development and secure delivery of AWS-based platforms and products, aligning account permissions and access levels to business needs consistent with required audit/compliance standards.
Additionally, this role will audit systems security and ensure Encoura platforms meet relevant compliance benchmarks.
A few examples of technologies we work with daily include AWS Core Services, API Gateway, Lambda, Sumo Logic, Data Dog, Docker, Linux, Windows, Okta, PostgreSQL, MS SQL Server, MongoDB, Databricks, Node.JS, Python, Kubernetes, GitHub, GitHub Actions, StackHawk, JIRA & Confluence, LaunchDarkly, GraphQL, OneTrust, Tenable, CrowdStrike, and Snowflake.
Responsibilities include risk & compliance tracking against government standards, tracking and remediation management of vulnerability issues, reviewing and recommending changes to existing AWS security-minded services, and working with managed security service providers to respond to potential security events.
You will develop security-minded reports and dashboards, implement a security system alerting and monitoring strategy, and provide operational support of our applications and platforms.
The role requires serving in an on-call rotation for security or potential security-related issues.
Requirements:
The candidate must have experience securely delivering in a complex AWS-based micro-services application environment.
A strong understanding of AWS-based security tooling and services is required.
The candidate should have a strong understanding of AWS-based IAM roles and accounts, as well as AWS CloudWatch/Athena.
Proficiency and understanding of the AWS console and CLI are necessary.
A minimum of 3 years of experience securing a similarly complex AWS-based environment is required.
The candidate should have at least 5 years of IT experience designing and implementing security solutions.
Strong scripting and automation skills are essential, with a belief in automating everything.
Hands-on experience with troubleshooting, securing, and improving AWS environments is required.
Familiarity with the concepts of microservice architecture as implemented in AWS is necessary.
Experience installing, configuring, managing, and patching cloud-based and on-prem systems is required.
A solid security foundation is essential, with a mindset of considering potential system compromises.
Experience working with application development teams in Agile/Scrum/Kanban environments is preferred.
The candidate should be able to balance security requirements with budgetary constraints.
Experience with SaaS-based solutions that integrate with AWS is a plus.
Proficiency in Linux and Windows administration is required.
Information Security experience is preferred.
A BS in Computer Science, Software Engineering, or equivalent, or a Bachelor’s in an unrelated field with at least 5 years of professional technology-based experience is required.
AWS Security – Specialty certification is strongly preferred, along with additional AWS certifications and other relevant certifications.
The candidate should be detail-oriented, data-driven, and a collaborative team player, comfortable mentoring others and communicating cross-functionally.
Benefits:
The position offers a mission-driven culture.
A comprehensive health and benefits package is provided.
There is a 401k company match that vests immediately upon participation.
Paid holidays and a generous PTO policy are included.
