Senior Security Engineer

Summary

Join Core Scientific as a Sr. Security Engineer and play a pivotal role in securing our next-generation financial system. This impactful role spans all areas of the company, from operations to finance and technology. You will be a key member of the Information Security team, ensuring the performance, stability, and security of Core Scientific's infrastructure. Responsibilities include defining security requirements, driving compliance, building and deploying secure code, conducting security audits, and leading red team campaigns. The ideal candidate possesses extensive experience in SecDevOps, cloud architecture, automation, and scripting, along with a strong understanding of agile methodologies and security best practices. This is a full-time, remote position with minimal travel.

Requirements

• 3+ years’ experience in SecDevOps and/or Infrastructure Engineering or equivalent experience as a Full Stack Software Developer, responsible for coding either/both application and infrastructure
• 3+ years of experience working with cloud architecture and services in multiple public clouds (Amazon Web Services, Microsoft Azure, Google Cloud Platform, or IBM Cloud)
• 3+ years of experience in automation of code deployment in both on premise environments and multiple cloud providers
• 3+ years’ experience with software configuration management systems
• 3+ years’ experience with virtualization and containerization architecture (Kubernetes)
• Experience with build and release Management – GitHub, Apache, Make, Jenkins
• Strong understanding of modern engineering practices including Scrum and Kanban
• Basic networking knowledge: TCP/UDP, DHCP, DNS, routing and HTTP and systems architecture, including Unix, Linux (BSD, Arch, Ubuntu, Gentoo, Kali, parrot, etc.), OpenVMS, FlashCopy, HP/UX, Tru64
• Deep understanding of agile and lean principles with demonstrable success in leading enterprise-level IT process re-engineering and transformational projects using a client focused consultative approach
• Strong scripting skills (Python, Perl, Bash, Ansible, BASH, Terraform)
• Understanding of Active Directory, Windows group policies, and Linux integration with Active Directory
• Strong analytical and troubleshooting skills
• Excellent communication and interpersonal skills

Responsibilities

• Define, capture, and interpret product/system security requirements
• Drive Compliance (SOX, SOC, CIS, NIST) company-wide
• Remain on top of current threat landscape
• Build, integrate, test, monitor and deploy InfoSec code
• Audit services for compliance
• Manage, track, and document changes to code
• Further Security as Code initiatives
• Partner to ensure secure, immutable infrastructure through infrastructure as code
• Maintain InfoSec’s infrastructure, both on-prem as well as cloud
• Own Red Team Campaigns, Gamedays and tabletop exercises
• Drive best practices across InfoSec as well as Core Scientific as a whole
• Be a thought leader and mentor within the company for junior/mid-level engineers

Benefits

• Remote work
• Full-time position