DevOps Engineer, Security
JOB FUNCTION DevOps Engineer, Security
LOCATION Headquarters:San Francisco, CA,USA
- Develop, schedule, and execute automated security audits on infrastructure using industry standard security frameworks and tooling.
- Write penetration tests for applications and services.
- Periodically audit and rotate access credentials.
- Document current and future security procedures and policies in the wiki.
- Lead security/policy related audits such as SOC2 Type II (annual renewal).
- Work with sales and client services teams to answer infrastructure related security questions and concerns that clients inquire about.
- Remediate and write post-mortem reports on security-related issues.
- Active involvement in design, implementation, and maintenance of the development, staging, and production infrastructure security.
- Work on automating tasks using Jenkins.
- Troubleshoot system issues (such as high-load, memory, CPU usage, etc.) and come up with temporary/long-term solutions based on the root cause.
- Work with developers to deploy applications ready for production (Terraform, Consul, Vault, Upstart, NGINX, Sensu). We believe in infrastructure as code and follow it.
- Write Chef cookbooks (using “Berkshelf Way”) to automate configuration management.
- Participate in a 1-week on 7-week off, 24/7 on-call rotation.
- Hands-on maintenance on our Ruby on Rails and Go (Golang) applications.
- Troubleshoot issues across the whole stack: hardware, software, and network.
- Minimum of 5 years of Linux/UNIX systems engineer & administrator experience.
- Minimum of 5 years of relevant web application security experience
- Extensive AWS experience
- Experience writing application security penetration tests with an open source framework.
- Automation experience with configuration management tools such as Chef, Ansible, or Puppet.
- Intermediate to advanced experience administering and securing an RDB (MySQL or Postgres a plus)
- Proficient in bash shell scripting (sed + awk) and one of Ruby or Python.
- Experience automating application deployments with Capistrano or Jenkins.
- Ability to work in a proactive manner and manage your own queue.
- Experience with Hashicorp tools, Neo4j, Elasticsearch, Kibana, Grafana is a big plus.
Apply for this Position
If you can see yourself in this remote role and feel you can add to the ongoing success of In Marketing We Trust, then apply via https://workat.doximity.com/positions/
You may also be interested in these jobs below