Sr. AWS Security Engineer
San Francisco, CA

Job Description

Our mission is to help people everywhere find a job and company they love. We are disrupting an industry by changing how people search for jobs and how companies recruit top talent.

Because of the nature of Glassdoor's platform, nearly every system we operate houses sensitive personal data, making the security team an extremely meaningful and impactful team in a very dynamic environment.

We are looking for hardworking people who want to make the Glassdoor platform safer for millions of customers around the world. We'd love to talk to you if you're are an individual who is passionate about finding security weaknesses and crafting scalable and usable solutions.

Is your security expertise matched by your humility and willingness to problem-solve with others? If so we're the team for you!

Responsibilities

* Building tools or implement systems that DevOps (love to) use and that improve security posture.
* Work side by side with DevOps and IT Engineers design more secure systems.
* Plan and execute security hardening efforts across all our cloud environments.
* Helping engineers Automate the automatable and collaborate with software and infrastructure engineers to improve our continuous integration platform
* Working to identify areas of security weakness This could mean manual penetration testing or more significant projects that provide some automation for finding vulnerabilities.
* Improving data security through the use of encryption/key management, segregation, or other techniques to improve defense-in-depth.

Requirements

* Think like an attacker and use that context to develop threat models
* Experience implementing AWS security and hardening, especially in a large complex environment.
* Deep knowledge of AWS IAM and AWS network principles
* Ability to work with automation tools such as Terraform, CloudFormation, Ansible, etc.
* Select or design/build/implement new tools for improving security posture.
* Develop and enforce cloud security standards in AWS including IAM policies, security groups, S3 bucket policies, etc.
* Develop an automated framework for security tool deployment, leveraging AWS services, scripting languages, and open source/commercial solutions
* Keep abreast of AWS new security features, advisories, alerts, trends, and practices
* You are excited and equipped to share our message on data security to our employees, partner teams, and the industry. You feel ownership over everything you drive and deliver.

Nice to have:

* Contributions and engagement with the security community or open-source projects
* Proficiency of core domains such as intrusion detection, incident response, malware analysis, and forensics.
* Knowledge of web application security, browser security models, and application security vulnerabilities such as the OWASP Top Ten

Glassdoor is committed to equal treatment and opportunity in all aspects of recruitment, selection, and employment without regard to gender, race, religion, national origin, ethnicity, disability, gender identity/expression, sexual orientation, age, veteran or military status, or any other category protected under the law. Glassdoor is an equal opportunity employer; committed to a community of inclusion, and an environment free from discrimination, harassment, and retaliation.