Senior Security Engineer

Summary

Join Wasabi Technologies as a Senior Security Engineer and play a crucial role in securing our cloud storage platform. You will be responsible for managing and maintaining our security infrastructure, collaborating with development and operations teams, and ensuring the security of our systems and deployment pipelines. This role requires extensive experience in security technologies, cloud platforms (AWS, GCP, or Azure), and identity management systems. You will work with various security tools and technologies, assess and address vulnerabilities, and stay updated on emerging security threats. The ideal candidate will have a strong background in Linux, system administration, and a proven track record of implementing IAM systems. Wasabi offers a dynamic and challenging work environment in a fast-growing company.

Requirements

• 5+ years of experience with security technologies and products such as firewalls, intrusion detection/prevention systems, endpoint protection, vulnerability scanners, Kubernetes security, and infrastructure security
• Practical experience in Linux fundamentals, system administration, and package management
• 3+ years of hands-on experience managing and integrating with an identity provider (we use Okta) and HashiCorp Vault
• Familiarity with cornerstone Security principles such as Least Privilege
• 5+ years of implementing IAM systems, automating user privilege attestation, and designing custom groups/roles to adhere to regulatory requirements
• 5+ years experience with cloud platforms such as AWS, GCP, or Azure

Responsibilities

• Manage and maintain identity management solutions, including tasks such as group creation, batch user management, internal audits, and other administrative tasks within an Enterprise class IAM system
• Develop, implement, identify, integrate, and maintain security controls automation and security operations. Collaborate with business and technology partners to define the least privileged roles in applications and systems
• Oversee, maintain, and enhance vulnerability management systems using a mix of internal tools and third-party resources
• Work closely with the security team to assess, prioritize, and address vulnerabilities in various internal ecosystems (networking, Docker images, Kubernetes, Linux, etc.). Collaborate with other security professionals and DevOps engineers to develop and implement effective security strategies
• Sustain and elevate our SIEM platform for improved efficacy and efficiency
• Stay abreast of emerging security threats and trends to ensure up-to-date knowledge

Preferred Qualifications

• 5+ Regulatory background (FedRAMP, DoD, HIPAA)
• Relevant security certifications (CISSP, CKS, GIAC)
• A functional knowledge of Kubernetes, Terraform, and Ansible