Remote Senior Security Engineer
closedEnergyHub
๐ต $130k-$170k
๐Remote - United States
Job highlights
Summary
Join EnergyHub's team as a Senior Security Engineer to enhance the security of our infrastructure and software development lifecycle. This role will be hands-on with our cloud infrastructure and development toolchain, focusing on strategy and implementation to drive meaningful long-term improvements.
Requirements
- You have in-depth knowledge of security principles and best practices developed over 7+ years of experience
- You've managed AWS all the way from security groups to organizations and know the ins and outs of securing AWS infrastructure
- Youโre comfortable tackling ambiguous projects that require you to gather information from multiple stakeholders and formulate a clear plan of action
- You like to manage all your infrastructure as code, using tools such as Terraform, CloudFormation, or Ansible
- You understand the security implications of containerized environments such as Kubernetes or ECS, and you know your way around container build processes
- Youโre comfortable on the command line, can hack together a decent shell script, and have solid fundamentals of Linux system administration
- You have a good understanding of core networking concepts such as TCP/IP, routing, and DNS, and of network security foundations such as ACLs, firewalls, and TLS
- You have experience administering declarative CI/CD workflows in one tool or another. (We use GitHub Actions.)
- You can write useful Python or another high-level, general-purpose programming language
- You stay on top of industry developments and have a good overall sense of the security solution spaces
- Youโre familiar with security management frameworks such as CIS Controls, OWASP, etc
Responsibilities
- Keep raising the bar for EnergyHub's infrastructure security to ensure customer data remains protected
- Enable our engineering team to be highly productive, safely. Make it easy to do things the right way
- Develop strategy for and participate in EnergyHub maintaining or achieving compliance with various regulatory frameworks such as SOC 2, SOX, ISO 27001, NIST-SP-800, NERC-CIP and others
- Help guide the team in design and implementation of secure cloud infrastructure as we roll out improvements and new features
- Identify and implement new controls to enhance our defense in depth
- Operate and automate our vulnerability management programs for applications, containers, and VMs
- Manage core security tools and technologies such as SIEM, cloud security posture management, etc
- Play a key role in cross-company security and compliance efforts
- Partner with our parent security team (EnergyHub is an independent subsidiary of Alarm.com) to leverage additional tools and resources and capitalize on our collective strengths
Preferred Qualifications
- Bonus: youโve worked on compliance efforts for audit frameworks such as SOC 2 or ISO 27001
- Bonus: youโre familiar with NERC-CIP
Benefits
- 100% paid medical for employees
- 401(k) with employer match
- Casual environment
- Flexibility to set your own schedule
- Fully stocked fridge and pantry
- Free Citi Bike membership
- Secure bike rack
- Gym subsidy
- Paid parental leave
- Education assistance program
This job is filled or no longer available
Similar Remote Jobs
- ๐ฐ$185k-$223k๐United States
- ๐ฐ$225k-$255k๐United States
- ๐United States
- ๐United States
- ๐India
- ๐United States
- ๐Germany
- ๐United States
- ๐United States
- ๐Worldwide