Security Devops Engineer
Engineering | Draper, UT | Full Time
Who we are
LiveAuctioneers is the leading marketplace for fine art, collectibles, furniture, and jewelry.
Founded in 2002, LiveAuctioneers was the first in the industry to introduce mobile bidding, video streamed auctions, and more. The company continues to be a pioneer in the sale of rare treasures. In 2019, LiveAuctioneers helped facilitate $3 billion of sales by connecting 13 million of the world's most knowledgeable collectors with thousands of passionate sellers of one-of-a-kind items.
We are building products that connect auction houses to bidders around the world in our effort to enable everyone to buy and sell exceptional items with confidence.
LiveAuctioneers is an inclusive, small team with talented management who have started and/or grown market-leading companies like GrubHub/Seamless and 1stDibs. The company's most recent investment was led by Cove Hill Partners, investors in innovative companies like NetDocuments and Storable.
We're a small company that uses a small team approach (about 5-6 engineers per team). Our engineering team is based in our Draper, UT office (in the Salt Lake City, UT area).
What the job is
We are seeking an enthusiastic professional for a DevSecOps Engineer position with established experience with cloud (ideally AWS but Azure, GCP experience is good) services, secure SDLC/DevSecOps practices such as automating security processes in our CI/CD pipeline, bot and DDOS mitigation and security review efforts, DevOps practices such as build/release management, containers and workload orchestration (Docker, ECS, Kubernetes), and general automation of infrastructure.
Your skills are broad - implementing cloud solutions for new and existing applications, scripting, automation of time consuming processes and debugging platform issues – and you easily transition between those and handle multiple projects and priorities.
We’re looking for someone who has working knowledge in security best practices, dev ops concepts in cloud native environments. We want you to review security reports and practices on our platform, as well as provide insight and feedback on the team's development and security processes.
Experience in our exact stack is not a requirement, we’re looking for a person who is a curious doer.
And since we have remote team members around the US, we’re looking for individuals who can collaborate with remote team members over chat and video conferencing. We are a small team, we look for individuals who can contribute in multiple roles, self start and collaborate effectively to meet goals.
Ownership of Web Application Firewall systems
Setup and audit fine grained AWS IAM and VPC security for both applications and users
Run and review vulnerability and pen tests on a regular basis
Identify and raise security vulnerabilities with development team
Assist fellow engineers with cybersecurity and devops needs
Build and maintain highly available and scalable production systems.
Manage core production systems, including frequent changes and updates.
Rapidly identify and resolve problems in production systems.
Handle complex service faults.
Develop tools to improve our pipeline and developer productivity.
Improve technologies and processes while maintaining a rapid delivery cycle.
Provide support during off hours (nights and weekends) when necessary.
At least 3 years experience managing and maintaining Linux servers in a multi-server environment
Experience conducting security audits of access policies for both user accounts and applications in a cloud environment
Experience conducting audits of network access policies (eg firewalls,
3 years of experience implementing and maintaining cloud based solutions on platforms like AWS, GCP, Azure
Experience with automation tools using one or more scripting technologies: Bash, Ruby, Python etc
Practical experience using Docker
Familiarity with infrastructure as code tools such as Cloud Formation and Terraform
Familiarity with CDNs such as Fastly is a plus
Experience implementing and maintaining cloud based solutions in AWS including: EC2, Elasticache, ECS, Cloudfront, Lambda, API Gateway, RDS a plus
Familiarity with cloud native open source solutions for monitoring, like Prometheus, ELK, Grafana, Loki etc a plus
This job does not offer visa sponsorship or transfer
This position is open only for candidates able to work at our Draper, UT office (in the Salt Lake City, UT area)
A good engineering setup
Comprehensive medical, dental, and vision coverage, including fully company paid medical and dental options
HSA matching, flexible spending account
Generous vacation policy
Fully-stocked beverage fridge and snack pantry
Weekly team lunches
We promote a healthy Life/Work balance and believe in celebrating our successes together