Senior Security Operations Engineer
To succeed in this role, you’ll have
- Deep subject matter expertise in IT and security engineering best practices
- Hands on experience using Identity and Access Management (IAM) and Mobile Device Management (MDM) programs to manage risks & create a secure ecosystem
- Experience building and developing processes to enforce least privilege in a transparent way to manage security threats
- A detailed understanding of securing the work environment and technical ecosystem of a fully distributed team, including significant experience securing and managing distributed Apple, Linux, and Windows devices
- Deep familiarity with cloud based services, their integrations, and associated risk models
- Exposure to and interest in code-as-infrastructure patterns
- Owned multiple full-lifecycle projects from design through implementation
In this role you will
- Design, implement, and maintain systems to help us operationalize our security and make secure decisions clear. You’ll stay on top of evolving threat intelligence and vulnerability data to help Art Blocks respond to active and potential threats.
- Define, implement, and refine how we manage endpoints to solve the question of how we double in size and get more secure. You’ll be identifying gaps in our systems, designing new solutions, and driving implementation to meet the needs of our growing organization.
- Orchestrate and monitor our cloud-based systems to detect and respond to threats through our whole ecosystem. You’ll prioritize the risks and strategically take action to solve the most critical issues first.
- Actively contribute to our vulnerability management program by aligning our monitoring and mitigation efforts with known vulnerabilities.
- Lead emerging trend research, orchestrate product evaluations, and select the latest industry standards and tools. Help us see around corners by researching and testing new technologies that can improve our security posture.
- Lead the strategic design, implementation, and support of cutting-edge IT security tooling across cloud services, empowering our fully distributed team.
- Perform security and risk assessments, threat modeling, and remediation in collaboration with engineering.
- Conduct vulnerability scans, perform attack simulations, and coordinate pen-tests.
- Collaborate with engineering to implement a secure infrastructure.
- Drive concurrent projects and manage competing priorities by communicating proactively.
- Drive operational excellence through documentation of best practices and comprehensive employee training initiatives.
- Leverage your expertise to perform in-depth system analysis, identifying opportunities to implement robust defense mechanisms while strategically planning for future scalability.
- Foster collaboration with cross-functional teams, including engineers and key stakeholders, to ensure the seamless delivery of reliable services, APIs, and critical systems.
- Work collaboratively with product teams, drive collaboration across the distributed organization, and participate in on-call rotation if necessary in the future.
What you’ll bring
- 4+ years of relevant experience in, security, SRE, IT, or similar role at a technology company and 4+ years working in security operations
- Experience with managing and deploying MDM solutions like Kandji, JAMF, Hexnode, InTune, etc.
- Experience with deploying and managing Identity and Access Management (MFA, SSO, Password Management, etc.)
- Familiarity with incident response in AWS, SaaS, MacOS, and Linux
- Experience with mass deployment of security products in regards to email security and systems security
- Automate security analysis, administration and remediation procedures, workflows, and tasks
- Familiarity with modern cloud security stack that spans cloud and device management
- Experience with one or more object oriented programming language (e.g. Java, Python, etc.).
- Solid problem solving and communication skills that you’ve honed by collaborating across teams in prior roles
- Ability to navigate ambiguity and map a path towards sustainable, elegant solutions
- Proficiency in object oriented programming languages
- Expertise in IT compliance frameworks such as SOC2, ISO, etc.,
- One or more current and valid certifications directly applicable or complementary to the role and area of expertise such as: current Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), etc.
- AWS, Hasura & Terraform
- The Graph
- Infura, Alchemy
- Popular web3 libraries (ethers.js, web3.js)
- Remote work environment, flexible hours
- Competitive salary, bonus, and equity
- Unlimited PTO: everyone is required to take a minimum of 20 days PTO per year, and you are welcome to take more (with the support and approval of your manager)
- 14 company days off in accordance with the holiday closure calendar
- 12 weeks parental leave
- In-person employee meet-ups at hosted team events as well as industry conferences
- Budget for WFH setup (laptop, monitor, headphones, keyboard, etc.) to make sure you have the hardware and tools needed to do great work.
- Participation in Employee Charitable Giving Program and pride to work at an organization that has given over $20 million to charitable causes in two years
- Healthcare benefits, including vision, dental, FSA, HSA
- Life & disability insurance
Something looks off?