Cloud Security Engineer
Technology | Belmont, CA | Full Time
B-Stock is the world’s largest online marketplace for returned, excess, and other liquidation merchandise. Our customers range from SMB to the world’s largest brands and retailers (including nine of the top 10 U.S. retailers). Led by eBay veterans, B-Stock completes over 175,000 transactions per year, selling 90 million items annually, making us a clear leader in the space.
The amount of inventory that is returned or unsold each year is growing very rapidly; in 2018, the value of this merchandise was estimated at $500 billion. Much of it ends up being liquidated for pennies on the dollar; some of it is even destroyed or landfilled. We believe there is tremendous value in and demand for this inventory - no matter the category, condition, or location. The B-Stock platform gives buyers a simple and direct way to buy valuable products, and offers sellers a trusted replacement for traditional liquidation and a critical boost in operational efficiency.
Backed by top investors including Spectrum Equity, True Ventures, and Susquehanna Growth Equity, B-Stock runs lean, fast, and shows no signs of slowing down. Our core values (teamwork, honesty, humor, and the passion to build something great) have shaped the company we are today and will certainly drive our success for many years to come.
For more information, visit www.bstock.com/careers/
B-Stock is looking for a Cloud Security Engineer to work closely with the cloud infrastructure, application development, container orchestration, and risk management teams to execute technology tasks, as well as ensure alignment to security principles, policies, and best practices.
The successful candidate will be responsible for safeguarding the organization’s cloud-based computer networks, cloud-native systems, and software applications. Responsibilities include designing, engineering, and maintaining cloud-based cyber security technology and platforms, performing threat modeling, monitoring data, hunting threats, and protecting sensitive data and systems from cyber-attacks.
ESSENTIAL JOB DUTIES AND RESPONSIBILITIES
Provide guidelines and solutions for cloud cryptography services, cloud-based authentication solutions, configuration management frameworks, containers, and orchestration security controls
Expert knowledge of AWS and/or GCP security controls and APIs
Partner with the security team on active or emerging threats
Threat hunting during and after events
Security engineering, building new tools and configuring vendor solutions
Analysis of bug bounty findings
Prepare reports of security performance, activities, and additional security-related outputs and present to management
Review technologies and development projects for alignment to security policies, standards, and best practices
Support CI/CD efforts as part of DevSecOps
Develop software-based tools and techniques to support cloud-based monitoring and threat detection
Event log management engineering and monitoring
Generate professional security assessment report
MINIMUM QUALIFICATIONS, JOB SKILLS, ABILITIES
4+ years of experience engineering and administering security technologies
1+ years of experience with using AWS, GCP, or Azure based APIs
Experience with using data infrastructure and analysis tools such as FluentD, Logstash, Kafka, Kinesis, and Hadoop for security purposes.
Experience handling and building a SOAR such as Demisto, Phantom, or Walkoff.
Expertise in securing one or more public cloud solutions such as AWS and Azure
Previous experience in working with common cloud-native authentication mechanisms (SAML, OAuth, etc.), container orchestration tools (Kubernetes, Docker, Puppet, etc.), and CI/CD deployment pipeline (Jenkins, Ansible, Terraform)
Experience with anti-virus software, intrusion detection and prevention, next-generation SIEMs, WAF, RASP, and content filtering technologies
Experience designing secure networks, systems, and application architecture
Experience reading and understanding the impact of malicious code, mobile attacks, etc.
Excellent oral and written communication skills with the ability to communicate security concepts to technical and non-technical audiences including senior management
Demonstrated ability to establish relationships and build rapport to influence colleagues at all levels, uncover issues, and identify need
Be honest. We do the right thing because it’s right.
Have passion for building something great. We empower employees to “think like an owner” so we dare to try. Let’s find new ways to grow B-Stock together.
Humor. Take whatever you are doing very seriously but do not take yourself too seriously.
Teamwork. Our successes are achieved because we work in stride, leveraging each other’s strengths as a unified effort.
Respect. We show consideration for each other and recognize the power in our diversity.
- Competitive compensation packages including bonus and options
- Medical, dental, and vision benefits
- Paid Time Off, telecommuting and flexible schedule options
- Support for continuing education
- Team off-sites, social events and extracurricular activities are a staple
- Snacks, drinks, and the occasional box of donuts
No applicant will face discrimination/harassment based on: race, color, ancestry, national origin, religion, age, gender, marital domestic partner status, sexual orientation, gender identity, disability status, or veteran status. Above and beyond discrimination/harassment based on “protected categories,” B-Stock also strives to prevent other, subtler forms of inappropriate behavior (e.g., stereotyping) from ever gaining a foothold in our office. Whether blatant or hidden, barriers to success have no place at B-Stock.
US Work Authorization required.