Junior Infrastructure Security Engineer

Summary

Join Sauce Labs as a Junior Infrastructure Security Engineer and gain hands-on experience securing critical infrastructure and cloud environments. You will identify vulnerabilities, implement security controls, and contribute to the overall security posture. Responsibilities include assisting with security control implementation and maintenance, conducting security assessments, analyzing security events, applying security frameworks, securing cloud infrastructure, developing shell scripts, documenting security procedures, and participating in on-call rotation. The role requires a degree or equivalent experience, 1-2 years of relevant experience, Linux server knowledge, shell scripting proficiency, familiarity with security frameworks, understanding of CSPM and cloud security, and knowledge of vulnerability scanning tools. Preferred qualifications include experience with macOS, analyst roles, sysadmin, automation systems, open-source SIEMs, IDS systems, DFIR tools, and related security verticals. Sauce Labs offers a hybrid workplace and competitive benefits.

Requirements

• Associate's or Bachelor's of Science degree in a relevant field, or equivalent practical experience
• 1 -2 years of hands-on experience in IT support, systems administration, or cybersecurity-related positions
• Demonstrable knowledge of Linux servers, preferably Ubuntu, including related usage and basic administrative tasks
• Proficiency in a shell scripting language, such as zsh or bash
• Familiarity with common security frameworks, such as MITRE ATT&CK, MITRE ATLAS, OWASP Top 10, Cyber Kill Chain, Pyramid of Pain, or similar
• Understanding of Cloud Security Posture Management (CSPM) and general Cloud Security practices in at least one major cloud provider, with a preference for Google Cloud Platform
• Knowledge of common vulnerability and security scanning tools, such as Tenable Nessus, OpenVAS, SAST, DAST, and SCA

Responsibilities

• Assist in the implementation and maintenance of security controls across our Linux and Kubernetes environment, with a focus on Ubuntu and Google Kubernetes Engine
• Conduct regular security assessments and vulnerability scans using tools like Tenable Nessus or OpenVAS
• Support the team in analyzing security events and responding to incidents
• Apply knowledge of common security frameworks (MITRE ATT&CK, OWASP Top 10, etc.) to assess and improve security measures
• Contribute to securing our cloud infrastructure, with a preference for Google Cloud Platform, applying CSPM and general cloud security best practices
• Develop and maintain shell scripts (zsh or bash) for automation and security-related tasks
• Document security configurations, procedures, and incidents
• Participate in an on-call rotation supporting nights and weekends

Preferred Qualifications

• Experience administering macOS workstations
• Prior experience in an analyst role
• Experience as a SysAdmin
• Experience with programming or automation systems, such as Ansible, Python, or SaltStack
• Experience building an open source SIEM, such as Wazuh, Security Onion, or building from scratch leveraging technologies such as Graylog, ElasticSearch or OpenSearch, or similar
• Experience responding to or managing IDS systems, such as Suricata, Zeek, Snort, Wazuh, Falco, or similar
• Experience with DFIR tools, such as Velociraptor, OSQuery, or similar
• Experience or knowledge in related verticals, such as application security, mobile security, corporate endpoint security, or SaaS Security

Benefits

• Health coverage (medical, dental, and vision)
• Disability and life insurance
• Parental leave benefits
• Flexible time off
• Professional development
• A 401(k) retirement plan with match