Staff Engineer – Infrastructure Engineering, Linux
GEICO
DockerGoKubernetesLinuxRustSDLC
Senior Security Infrastructure Engineer
Bluesight
full-time
Posted on:
Location Type: Remote
Location: Remote • 🇺🇸 United States
Visit company websiteSalary
💰 $120,000 - $145,000 per year
Job Level
Senior
Tech Stack
AWSCloudSplunk
About the role
- Build and manage, well-architected and relevant cloud-based data classification and threat detection systems for assessing and resolving risk vectors
- Partner with internal product teams to implement a secure-by-default design into their own products
- Perform security audits and risk assessments, identify vulnerabilities, and create plans and preventative measures to protect against threats.
- Assist with responses to customer questions, questionnaires, and contract issues regarding compliance and security.
- Conduct reviews, train employees and advise on matters related to security and compliance across Bluesight
- Lead security incident response teams and partner with Bluesight engineering teams to understand and resolve incidents that arise
- Promote a culture of operational excellence by monitoring our systems and code, and being on-call to support the health of our services
- Design security policies and procedures that will keep pace with the rapid growth of Bluesight
- Document your work and decision-making processes, and lead presentations and discussions in a way that is easy for others to understand
- Uphold a culture of collaboration, transparency, creativity, inclusion, and making data-driven decisions
Requirements
- 5+ years of experience in product or infrastructure security-related software engineering roles
- Proficiency in a programming language, testing practices, and thorough documentation
- Expertise with multiple technologies in the Bluesight Security System and our infrastructure as required: Cloud-based IaaS Systems - AWS required, Vulnerability Mgmt. and Scanning (such as Nessus, OpenVAS) SIEM and logging technology (such as Splunk, Elastic, LogRhythm, SolarWinds) Enterprise VPN (such as Cisco AnyConnect, Fortinet VPN, Palo Alto Global Protect) Host-based security tools (such as Sophos, ClamAV, Wazuh/OSSEC, Tripwire)
- Experience developing, implementing, and monitoring internal practices for SOC2, HIPAA or ISO information security compliance standards
- Ability to represent Bluesight’s security posture and the maturity of our operations to customers
- Subject matter expertise in security best practices and the ability to quickly make correct risk assessments that prioritize the overall benefit to the company
- Track record of building self-service and high-quality tools with a customer-driven mindset
- A desire to share your expertise through documentation and mentorship
- A desire to work with individuals with diverse security ideas and priorities
- Autonomy and proactivity around driving work to completion in the face of ambiguity
Benefits
- Competitive salary
- Time off when you need it – unlimited vacation days!
- Generous insurance coverage
- 401k program with a company match
- Fun, collaborative culture!
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
cloud-based data classificationthreat detection systemssecurity auditsrisk assessmentsvulnerability managementprogramming languagestesting practicesdocumentationsecurity best practicesSOC2 compliance
Soft skills
collaborationtransparencycreativityinclusiondata-driven decision makingmentorshipautonomyproactivitycommunicationleadership
Certifications
HIPAAISO information security compliance
