Job Description
Summary
Our Security Engineering team is growing, helping Ripplers design, build, and use on-premise and cloud infrastructure securely at scale. Infrastructure Security Engineers work on a broad set of efforts focusing on scaling and automating security infrastructure and processes. This team works closely with Ripples IT organization and Cloud Engineering and Operations teams to ensure we are building securely to protect our business and our customers. In this role you may find yourself working to enforce perimeters to protect all of Ripples environments, strategizing IAM solutions, detecting vulnerabilities and ensuring patching processes, assessing and securing public cloud infrastructure, and more. You will also support, develop and deploy tools and services to support a secure infrastructure. All with the intention of influencing policy to simplify user experience and keep Ripple secure.What Youll Do
- Partnering and consulting with colleagues on remediation design and solutioning
- Continuous improvement of relevant security systems and services
- Analyze complex security issues to improve the overall posture of the firm by evaluating new functionalities and ensure preparation for production implementation
- Responsible for providing all levels of support for tactical and strategic related issues related to information security systems and services
- Collaborate with product owners and engineering teams to ensure smooth transition of the Vulnerability Management technologies into production and ensure maximum visibility into a variety of environments
- Work closely with engineering to identify opportunities for automation eliminating manual operational toil and improving quality
- Maintaining security hardening configurations and guidance for the diverse set of service available across AWS, GPC and other public cloud providers
- Responsible for maintaining current versions of functionalities and technologies in production by effecting change management processes
- Proactively participate in compliance support activities such as trainings, audit prep, playbook authoring and ensure business as usual (BAU) activities are completed accurately and artifacts are produced as required
What Were Looking For
- 5+ years of industry experience securing public cloud services and the devops deployment process
- Strong devops skill set to support collaboration of team scripting and development activities, to include knowledge of Python, git, artifactory and how to leverage them
- Strong knowledge of course networking components and a history of executing network security
- Familiarity with the CIS benchmarks and how to monitor and remidiate deficiencies
- Experience in Cloud Computing like AWS, GCP with emphasis on Cloud Baseline management tools like Lacework
- Experience in Information Security frameworks and best practices for Vulnerability management, Risk Analysis, Reporting Metrics and Assessments
- Problem solving skills to resolve problems effectively and creatively while maintaining a high level of flexibility, professionalism, and integrity
- Highly innovative with creative contributions to asset discovery and real world risk assessments
- Seeks feedback from others, provides feedback to others in support of their development, and is open and honest while dealing constructively with criticism
- Effectively manages tasks and people, taking a practical approach to determine the most effective method of execution while respecting others expertise and considering others feelings and working styles
- Values individuals and embraces diversity by integrating differences and promoting diversity and inclusion across teams and functions
- Understands and anticipates people's needs, skills, and abilities, to coach, motivate and empower them for success
- Nce to have infosec certifications: CISSP, CEH, CISA, CRISC
- Nice to have core certifications such as: CCNA, CCNP
Skills
- Communications Skills
- Data Security
- Data Structures
- Security System Management