Senior Security Engineer
Technical Operations | Palo Alto, CA | Full Time
Instart Logic - A radical new approach to application delivery
The Instart Logic service is the first cloud application delivery service in the world to extend beyond the limited backend-only cloud architectures of the past with an innovative new intelligent client-cloud platform delivered as a service. This new approach is based on software-defined architecture rather than hardware and network scale.
As our Sr. Security Engineer, you will work in conjunction with our Head of Security to provide a secure environment for both our employees and our customers. Your day-to-day work would, at a minimum, include validating application and environment changes to confirm security best practices, executing vulnerability scanning and penetration testing, remediating security gaps and findings, keeping security policies and procedures up to date, and being an integral part of the incident response process.
Additionally, you will provide leadership in mentoring teams throughout the organization on secure practices, and then validating their compliance through scanning, manual reviews, or automated reviews.
- Review network and software changes and validate them against compliance standards (PCI, SOC2, etc.)
- Perform regular penetration testing and vulnerability scanning, and remediate gaps found
- Work with the Head of Security on annual compliance audits
- Develop, update, and maintain security policies, procedures, and methodologies
- Assist in guiding security projects, both for the organization and for products and services
- Use common security tools and techniques to analyze network traffic and systems behavior in order to identify and track potential attacks and adversaries.
- Develop tools and scripts to automate vulnerability detection.
- Validate vulnerabilities found by automated tools, bug bounty programs, and manual testing and determine priority for mitigation.
- Suggest firewall and NIDS rules and configuration changes to the environment in order to mitigate observed attacks.
- Determine root cause of potential security events or incidents.
- Effectively communicate through written and spoken means with technical peers.
- Under the guidance of management, respond to security incidents.
- Own tracking and resolution of security incidents and mitigations.
- Occasional on-call work.
- Bachelor’s degree or equivalent work experience.
- 3+ years of experience in information/computer security.
- 1+ years of experience as a security analyst.
- Experience writing NIDS, SIEM and Firewall rules.
- Experience in writing SQL queries.
- Experience working with digital forensic tools a plus
- 2+ years of automated scripting knowledge
- UNIX / Linux experience
- SIEM knowledge a plus
- Compliance (PCI, SOC2) knowledge a plus