RebelMouse serves over 90 million unique visitors monthly. Considering our rapidly growing business and the fast pace of the media industry, we're expanding our team to ensure our security is first in class and ISO 27001 compliant. This is why we are opening up a position for a Lead Cyber Security Engineer.
Responsibilities:
- Serve as a thought leader, solutions visionary, and technology expert
- Clearly communicate cloud security-related concepts to a broad range of technical and non-technical team members
- Assist developers and product managers in performing security code reviews, developing and conducting vulnerability awareness and avoidance training programs, and implementing a comprehensive set of secure SDLC processes
- Actively assess existing cloud implementations, identify security issues, and fix any issues found
- Engineer and implement new cloud security tools to feed our DevOps/SecOps processes to ensure the solvency of cloud compute resources
- Provide daily, ongoing security oversight of SecOps operations, including the security impact of proposed modifications, additions, and technology implementation/refresh operations
- Understand system security vulnerabilities and associated threats, and assess the overall security risks to the system
- Provide mitigation recommendations to reduce identified security risks
- Work directly with internal development and DevOps teams, as well as prospects and customers to establish and enforce IT security best practices, protection objectives, process improvements, and effective IT security controls
- Perform system vulnerability scanning using approved software tools and automation
- Thoroughly understand software installations, systems monitoring and troubleshooting, account management, and overall efforts to minimize system downtime
- Thoroughly understand DevOps ideologies with the ability to drive and communicate change supporting DevOps/SecOps methodology within the organization
- Serve as the primary interface to governance, compliance, and risk management teams to ensure the system consistently meets the requirements for certification and accreditation
- Participate in designing and managing IT security strategy, including both infrastructure and applications
- Lead security and compliance-based projects involving cloud, operating systems, applications, database, security issues, and other requirements
Job requirements:
- Bachelor's degree or equivalent in Computer Science, Information Systems Management, Information Technology, or another related discipline with 7+ years of related professional experience
- 7+ years of experience as a Security Engineer supporting software architecture development environments
- Experience with AWS, Kubernetes, Ansible, and Terraform
- Experience with common scripting languages (e.g., Python, JavaScript/Node.js)
- Familiar with DevOps and Agile methodology
- Knowledge of cloud networking architecture, cloud operations, security, and automation
- Experience understanding protocols, such as SSL/TLS, CIFS, HTTP/S, DHCP, SMTP, LDAP/S, NFS, SNMP, and DNS
- Experience in networking concepts and services, such as VPNs, IPsec, PKI, and TCP/IP
- Familiar with high availability (HA) and failover implementations
- Ability to work with minimal direction on a variety of, and sometimes ambiguous, requirements
- Organized, responsive, and highly thorough problem solver
- Strong written and oral communication skills