Sr. Information Security Engineer
At Anaplan, we are looking for a self-motivated Sr. Information Security Engineer to join our growing team at Anaplan HQ in the city-by-the-bay, San Franciscoto be a member of the global Information Security Engineering group located across US and York, UK. Primary focus will be around security reviews and testing and being a key member of a successful Information Security Team.
This role will have a wide range of responsibilities. From designing and implementing security controls across servers, endpoints, network devices, and applications to providing security domain expertise in areas such as system, network, and encryption - you will proactively identify security flaws and vulnerabilities, and be able to think both like an attacker and defender. In this incredibly fast-paced, exhilarating environment you will be working with a team that is at the top of their game! Attention to detail and a proven ability to manage priorities are essential to being successful in this role. Your focus will not only be on quality, but quality in the highest degree with passion and patience to execute the work that needs to be done.
This role is an immediate full-time position. If you're ready to roll up your sleeves and tackle unique problems that no one is solving in the tech space yet, keep reading.
What you'll be doing:
* Performs security reviews of features and products, tracks product vulnerabilities against a baseline
* Assist in vendor security reviews
* Web application security testing
* Executes awareness programs e.g. phishing campaigns, social engineering
* Identify gaps/opportunities for improvement to workflows and security processes
* Recognize, adopt and instill security awareness & good practices throughout the organization
* Security reviews of features including threat modeling, documenting risks and tracking remediation
* Engage with cross-functional partners to identify and understand security requirements
* Participate in knowledge sharing with other analysts to develop efficient solutions
* Develop training modules for different aspects of the organization e.g. Secure Coding principles, Foundations of Software Security
* Function as a technical lead during a security incident response
* Co-ordinate and participate in red team / blue team activities
* Evaluate emerging security technologies, conduct effective POC's and onboard new solutions
* Work with the compliance team to review and update information security policies and standards
* Define security processes to monitor security risks, gaps and remedial actions to ensure the security of the operations and confidentiality, integrity and availability of data
* Own technical and operational security objectives
You have these skills:
* Knowledge of risk assessment tools & methodology
* Familiarity and some experience with CASB, DLP, cloud security
* Understanding of Advanced Persistent Threat (APT) tactics, techniques and procedures.
* Experience with Network and Endpoint forensics tools, processes and procedures
* Implementation experience with SIEM, WAF, IDS/IPS
* Experience with Static Code Analyzers
* Solid understanding of SSDL, including architecture risk analysis, threat modeling and application security testing
* Scripting in Python / Ruby / Perl
* Solid understanding of security architectures, operating systems and network protocols
* Experience with security aspects of cloud technologies (AWS, GCP, Azure), directory services, secrets management, DDoS, CASB, DLP etc.
* Experience with data center security, cloud infrastructure and platforms (Iaas and Paas)
* Experience deploying, configuring and maintaining SIEM, endpoint protection, Security Auditing and Logging, Vulnerability Management
* Experience leading incident response efforts
* Security certifications, e.g. CISSP, CISM, CCSP, CCSK, CEH, GCIH, GCIA, OSCP, etc.
* University degree in security related discipline
What we offer:
* The opportunity to be part of our award-winning working Engineering team.
* A long list of incredible benefits worthy of a leading Silicon Valley tech firm. We offer highly competitive packages - we're serious about attracting the best technologists in the industry.
* A rewarding career with a company that values diversity and invests in you
Do you align with Anaplan's Values?Explore all of our Values on Anaplan.com/careers #AnaplanLOVE
We're building a truly unique technology. From our calculation engine and in-memory data store, to apps and predictive analytics; amazing technology is being developed every day.
We're addressing a $100B/year problem that all global businesses face. Our mission is to break the traditional business planning mold, currently performed through spreadsheets or legacy systems. Anaplan's Connected Planning platform is enabling customers to improve decision-making by turning response time into real time.
With 1,000+ customers and 175+ partners globally, Anaplan's platform is solving some of the most complex challenges in business. CEOs, analysts, and the press agree-Anaplan is changing the way the world does business.
Learn about our history, see our recognitions and achievements, and take a look at what it's like to work at Anaplan.
Get to know more about working at Anaplan by checking out our social channels.
CAN'T FIND THE PERFECT ROLE FOR YOU? NEW OPPORTUNITIES ARE OPENING UP DAILY:
Anaplan is a planning and performance management platform for smart businesses.