Security Engineer

Summary

Join Precisely's global Product Security team as a Security Engineer to implement key internal security programs across a diverse portfolio of 100+ products. This role involves securing cloud-hosted applications and products, contributing to the secure development lifecycle, and responding to security incidents. You will collaborate with security operations, application security, engineering, and product teams to enhance the security posture of Precisely's products. This position offers significant growth and specialization opportunities within a company committed to career development and a "work from anywhere" culture. Precisely is a leader in data integrity, empowering businesses with trusted data for confident decision-making. The company values openness, determination, individuality, and collaboration.

Requirements

• 4+ years minimum of Security Experience Required
• Demonstrable expertise in Microsoft Azure cloud security design, implementation and operations is required
• Familiarity with cloud hosted deployment models and their associated attack vectors in Azure, AWS and GCP is essential
• Demonstrated excellence in English communication skills in a stakeholder facing environment
• Must be self-directed, resilient, and creative

Responsibilities

• Monitor, analyze and respond to security events and incidents and participate in forensic investigations
• Manage identity and access controls, including role-based access, SSO, MFA and zero trust implementation models
• Participate in Red and Purple Teaming activities
• Assist with Threat Modelling and product design security reviews
• Investigate possible issues in a cloud hosted production environments and assist in ensuring secure configurations are deployed with our SRE and DevOps teams
• Consult on security best practices across our Engineering, Cloud, SRE, DevOps and Product management groups to achieve end to end security for our products
• Collaborate with the application development teams to ensure a common and shared understanding of any security issues
• Help develop internal security standards, procedures and policies
• Implement automation and security orchestration processes to reduce the time to contain serious security threats or auto-remediate commodity level security findings
• Review and understand results from vulnerability scanning tools and security event logs
• Research and advise on usage of the latest tools and techniques to secure cloud hosted deployments
• Maintain awareness of the latest security trends and zero-day findings

Preferred Qualifications

• Proficiency in AWS and Google Cloud Platform security design, implementation and operations is highly desirable
• Experience performing security testing on cloud infrastructure is highly desirable
• Experience performing web application security testing is a plus
• Advanced knowledge of security tooling and vulnerability toolkits
• Good understanding of application architectures designs, and the common tech stacks involved
• Familiarity with the OWASP Top 10 and MITRE ATT&CK framework is a plus
• Working knowledge of common authentications models (SAML, OAuth, OIDC, JWT)
• Knowledge of Kubernetes related security and attack vectors (or other container-based deployments) is desirable
• Knowledge of WAF / DDoS protection and mitigation options and virtual patching techniques
• Experience with scripting and automation (Python, Bash, PowerShell, workflow engines or other automation systems)
• Working knowledge of FedRAMP requirements and processes advantageous
• Software Engineering background useful
• CISSP, CSSLP and other similar certifications can help
• Full agile scrum working experience a benefit