Remote Senior Security Engineer

closed
Logo of EnergyHub

EnergyHub

๐Ÿ’ต $130k-$170k
๐Ÿ“Remote - United States

Job highlights

Summary

Join EnergyHub's team as a Senior Security Engineer to enhance the security of our infrastructure and software development lifecycle. This role will be hands-on with our cloud infrastructure and development toolchain, focusing on strategy and implementation to drive meaningful long-term improvements.

Requirements

  • You have in-depth knowledge of security principles and best practices developed over 7+ years of experience
  • You've managed AWS all the way from security groups to organizations and know the ins and outs of securing AWS infrastructure
  • Youโ€™re comfortable tackling ambiguous projects that require you to gather information from multiple stakeholders and formulate a clear plan of action
  • You like to manage all your infrastructure as code, using tools such as Terraform, CloudFormation, or Ansible
  • You understand the security implications of containerized environments such as Kubernetes or ECS, and you know your way around container build processes
  • Youโ€™re comfortable on the command line, can hack together a decent shell script, and have solid fundamentals of Linux system administration
  • You have a good understanding of core networking concepts such as TCP/IP, routing, and DNS, and of network security foundations such as ACLs, firewalls, and TLS
  • You have experience administering declarative CI/CD workflows in one tool or another. (We use GitHub Actions.)
  • You can write useful Python or another high-level, general-purpose programming language
  • You stay on top of industry developments and have a good overall sense of the security solution spaces
  • Youโ€™re familiar with security management frameworks such as CIS Controls, OWASP, etc

Responsibilities

  • Keep raising the bar for EnergyHub's infrastructure security to ensure customer data remains protected
  • Enable our engineering team to be highly productive, safely. Make it easy to do things the right way
  • Develop strategy for and participate in EnergyHub maintaining or achieving compliance with various regulatory frameworks such as SOC 2, SOX, ISO 27001, NIST-SP-800, NERC-CIP and others
  • Help guide the team in design and implementation of secure cloud infrastructure as we roll out improvements and new features
  • Identify and implement new controls to enhance our defense in depth
  • Operate and automate our vulnerability management programs for applications, containers, and VMs
  • Manage core security tools and technologies such as SIEM, cloud security posture management, etc
  • Play a key role in cross-company security and compliance efforts
  • Partner with our parent security team (EnergyHub is an independent subsidiary of Alarm.com) to leverage additional tools and resources and capitalize on our collective strengths

Preferred Qualifications

  • Bonus: youโ€™ve worked on compliance efforts for audit frameworks such as SOC 2 or ISO 27001
  • Bonus: youโ€™re familiar with NERC-CIP

Benefits

  • 100% paid medical for employees
  • 401(k) with employer match
  • Casual environment
  • Flexibility to set your own schedule
  • Fully stocked fridge and pantry
  • Free Citi Bike membership
  • Secure bike rack
  • Gym subsidy
  • Paid parental leave
  • Education assistance program
This job is filled or no longer available