You are a reliable engineer who can architect and deliver! You enjoy working closely in cross-functional teams while understanding and anticipating the agile infrastructure and security needs of the development and QA processes. You are a craftsperson as well as an Engineer and have an intuition when to consider “build vs buy.” You thrive working in a fast-paced environment where you can be challenged and have a direct impact on the success of Giant Oak’s SaaS technology, GOST.
- Maintain, operate, secure, and optimize cloud computing environments.
- Identify malicious or anomalous activity based on event data from various sources, including network, endpoint, application, and other security tooling.
- Maintenance and administration of endpoint security tooling.
- Perform application and operating system security monitoring, scanning, and alerting while producing and reviewing metrics.
- Perform design reviews and risk assessments for new applications or features integrating with core services.
- Coordinate with appropriate internal teams in identifying, reviewing, and mitigating discovered findings and/or risks.
- Analyze internal and external security threats while providing relevant information to customers, suppliers, and partners.
- Maintain awareness of threats and vulnerabilities related to hybrid systems and continually assess the overall security risks to the system.
- Create and maintain documentation for new and existing processes and deployments.
- Generate innovative solutions and develop proof-of-concepts and rapid prototypes.
Desired Skills & Experience:
- 2+ years of hands-on implementation experience in security or operations with specific emphasis on cloud security (AWS)
- Experience participating in security compliance efforts (ISO, SOC, PCI DSS, FedRAMP, etc.)
- Familiar with Infrastructure-as-Code
- Hands-on experience with modern computing platforms (Containers, Serverless, etc.)
- Familiar with log management and aggregation tools (ELK, SumoLogic, etc.)
- Experience working with modern automation and configuration management tools
- Experience in at least one programming language (Python, Java, Go, etc.)
- Knowledge of IT Operations and System Administrator Roles (Windows/Mac/Linux)
- Familiarity of OWASP Top 10 Web Application Security Risks
- Comfortable navigating a broad range of systems and technologies with an ability to ‘put it all together’
- Experience working in an agile development environment
- Self-motivated and willing to handle competing priorities in a fast-paced environment
- Professional certifications are considered a plus
- Eligible for a US Security Clearance