Role Description: Associate Security Engineer - Infrastructure
Role Background:
As anAssociate Security Engineer at Wasabi Technologies, you will be bridging the gap between development and operations, ensuring the highest level of security for our cloud storage platform, improving our security posture from the development cycle through production in our data centers around the world. You will help deploy, configure, and maintain components of our security stack. This individual will contribute to ongoing projects and support initiatives, ensuring alignment and knowledge sharing across the team.
At Wasabi, we build and maintain our entire infrastructure, starting with rack space and power, to networking, Kubernetes clusters and workloads. Your experience with cloud security in AWS, Azure, or Google Cloud is extremely relevant, but this will be a different set of challenges.
*Principals Only. No Recruiters.
\n- Implementation and upkeep of container security solutions and stack, involving image scanning, static analysis, dependency analysis, and other components within Continuous Integration pipelines.
- Implement, develop, Identify, Integrate, Communicate and maintain security controls automation and Security Operations.
- Oversight, maintenance, and advancement of vulnerability management systems, utilizing a combination of in-house tools and third-party resources.
- Collaboration with the security team to evaluate, prioritize, scrutinize, and formulate solutions for vulnerabilities identified in Linux and application ecosystems (including go and JavaScript). Additionally, employing Terraform, Ansible, Python, and go to design and implement new services.
- Collaborative effort with fellow security professionals and DevOps engineers to devise and implement security strategies and best practices.
- Sustaining and elevating our SIEM platform for improved efficacy and efficiency.
- Staying abreast of emerging security threats and trends to ensure up-to-date knowledge.
- 2+ years DevOps tool expertise and industry best practices. Regulatory background preferred (FedRAMP, DoD, HIPAA).
- 2+ years of SIEM experience, with additional regulatory exposure being beneficial. Expertise in Kubernetes and infrastructure security desirable.
- Experience with Infrastructure-as-Code or Configuration Management tools, such as Terraform, Ansible, etc.
- Hands-on experience with Okta and HashiCorp Vault.
- Experience with monitoring & logging tools like Prometheus, Grafana, or Splunk is a plus.
- Practical experience in Linux fundamentals, system administration, package management, adeptness with security tools, and hands-on TCP/IP networking expertise.