This position is for an experienced DevOps engineer to own security efforts for our entire application stack and join our 8-person DevOps team. We’re looking for someone with a strong track record in building infrastructure and maintaining a high level of uptime and optimal security. Alongside our 50+ person engineering team, you will be supporting and building products used by hundreds of thousands of people.
How you’ll make an impact:
- Develop, schedule, and execute automated security audits on infrastructure using industry standard security frameworks and tooling.
- Write penetration tests for applications and services.
- Periodically audit and rotate access credentials.
- Document current and future security procedures and policies in the wiki.
- Lead security/policy related audits such as SOC2 Type II (annual renewal).
- Work with sales and client services teams to answer infrastructure related security questions and concerns that clients inquire about.
- Remediate and write post-mortem reports on security-related issues.
- Be actively involved in the design, implementation, and maintenance of the development, staging, and production infrastructure security.
- Work on automating tasks using Jenkins.
- Troubleshoot system issues (such as high-load, memory, CPU usage, etc.) and come up with temporary/long-term solutions based on the root cause.
- Work with developers to deploy applications ready for production (Terraform, Consul, Vault, Upstart, NGINX, Sensu). We believe in infrastructure as code and follow it.
- Write Chef cookbooks (using “Berkshelf Way”) to automate configuration management.
- Participate in a 1-week on 7-week off, 24/7 on-call rotation.
- Hands-on maintenance on our Ruby on Rails and Go (Golang) applications.
- Troubleshoot issues across the whole stack: hardware, software, and network.
What we’re looking for:
- Minimum of 5 years of Linux/UNIX systems engineer & administrator experience.
- Minimum of 5 years of relevant web application security experience.
- Extensive AWS experience.
- Experience writing application security penetration tests with an open source framework.
- Automation experience with configuration management tools such as Chef, Ansible, or Puppet.
- Intermediate to advanced experience administering and securing an RDB (MySQL or Postgres a plus).
- Proficient in bash shell scripting (sed + awk) and one of Ruby or Python.
- Experience automating application deployments with Capistrano or Jenkins.
- Ability to work in a proactive manner and manage your own queue.
- Experience with HashiCorp tools, Neo4j, Elasticsearch, Kibana, Grafana is a big plus.