\n\n\nRemote positions open to the US only. \n\nThe Jr. Information Security Operations Engineer will design, develop, and support KnowBe4โs core information security infrastructure & information security procedures, both in the cloud and on premise. The individual in this role will be responsible for developing and managing systems, applications, alerts, scripts, reports, and dashboard that enable and automate key information security functions and provide the core capabilities of information security operations.\n\nResponsibilities:\n\n\n* Assess information security processes and design more efficient methods using scripting and automation\n\n* Create scripts to perform data transformation (ETL, cleaning, augmenting, anonymizing, etc)\n\n* Design solutions within AWS to enable infosec departments to operate more efficiently (automation, reporting, alerting)\n\n* Design and build solutions to fill security or compliance gaps\n\n* Development and maintain information security policies, procedures & baselines, SOPโs, diagrams, workflows, etc.\n\n* Deploy and maintain infosec systems within AWS\n\n\n\n\nRequirements:\n\n\n* Bachelor's degree in relevant field or experience in software development/scripting in the information security space\n\n* Relevant experience in scripting and automation preferred\n\n* Relevant information security certifications preferred\n\n* Understanding of AWS services and how to use them \n\n* Ability to write scripts in Python and read/edit other programming languages\n\n* Ability to write scripts to leverage third party service APIโs\n\n* Experience with code repositories and source control applications\n\n* Familiarity with SDLC and CI/CD concepts.\n\n* Ability to write intermediate database queries in SQL\n\n* Experience writing secure code and secure code deployment concepts\n\n* Has an understanding of infosec concepts such as: cloud infrastructure, application security, vulnerability scanning, penetration testing\n\n* Some experience with infosec testing tools, OSINT tools, and scripts\n\n* Familiar with application development concepts: servers, databases, coding, APIโs, containers, logging, troubleshooting\n\n* Knowledge of various operating systems, ChromeOS, Linux, Mac, Windows\n\n* Able to navigate the linux command line and an understanding of basic linux server management\n\n* Strong verbal and written communications\n\n* Excellent time management and organization skills\n\n* Excellent Analytical skills\n\n\n\n\nThe base pay for this position ranges from $70,000 - $85,000, which will vary depending on how well an applicant's skills and experience align with the job description listed above.\n\nWe will accept applications until 9/19/24. \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to Design, Python, Cloud and Engineer jobs that are similar:\n\n
$52,500 — $92,500/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐ We hire old (and young)\n\n
\n\n#Location\nClearwater, Florida, United States
๐ Please reference you found the job on Remote OK, this helps us get more companies to post here, thanks!
When applying for jobs, you should NEVER have to pay to apply. You should also NEVER have to pay to buy equipment which they then pay you back for later. Also never pay for trainings you have to do. Those are scams! NEVER PAY FOR ANYTHING! Posts that link to pages with "how to work online" are also scams. Don't use them or pay for them. Also always verify you're actually talking to the company in the job post and not an imposter. A good idea is to check the domain name for the site/email and see if it's the actual company's main domain name. Scams in remote work are rampant, be careful! Read more to avoid scams. When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.
Role overview:\n\nYouโll be responsible for the general infrastructure that underlies Gatherโs services, from our game servers to our API servers. This encompasses the infrastructure-as-code, tools, configuration, automation, and scripts that build, deploy, and run our many services in cloud environments. In partnership with engineering leadership, youโll implement security best-practices, guide long-term technology decisions, and build the future of Gatherโs infrastructure.\nGather's Tech Stack\n\nGather is simultaneously a modern web app, multiplayer video game, and live video conferencing platform. This means our infrastructure involves several main components, all built in-house:\n\n\n* An HTTP service to serve the site and API\n\n* A game service to handle real-time game state updates\n\n* A video service to power live video chat\n\n\n\n\nGather's Application is currently written in Typescript (frontend/backend). Prior Typescript knowledge is not a requirement for the Infrastructure team.\nFocus areas that we could use a hand with\n\n\n* Security โ as Gather grows, we have ever more responsibility to ensure the safety of our systems and customer data. We need an infrastructure engineer who is security-minded. Champion the infosec cause, and build air-tight VPCs.\n\n* Networking โ we need a cutting-edge and rock-solid video network. Shave latency and thrill our usersโฆwith consistency.\n\n* Canary Environments โ weโre constantly deploying, and that requires great care. Build the mechanisms that let us detect problems before they become an incident.\n\n* Multi-cloud Infrastructure โ manage, troubleshoot, and deploy to multiple Kubernetes clusters. Spread them across multiple clouds and make sure theyโre up through the worst datacenter outages.\n\n\n\nWhat you bring:\n\n\n\n* Software Engineering experience in Systems (OS, Distributed, Networking, etc.), Infrastructure, Security, DevOps, SRE, or related background.\n\n* Deep knowledge of Kubernetes and the networking concepts that it relies upon. Deploying apps is just the beginning โ you must be able to troubleshoot when they donโt.\n\n* Have experience implementing secure by-default designs and features in cloud infrastructure endpoints, tooling, and processes.\n\n* Experience implementing metrics and monitoring, sending data to one or more of Prometheus, New Relic, or Datadog.\n\n* Programming experience with one or more of Golang, Python, or NodeJS, and the ability to write applications that communicate with APIs like Kubernetes and AWS.\n\n* Linux operational expertise: know the ins and outs of Bash scripting and how to keep a system healthy.\n\n* Experience writing and maintaining Terraform stacks.\n\n* A love for learning and growing yourself and the team around you.\n\n* Strong collaboration and communication skills.\n\n* Excitement for a fast-paced, high-growth environment.\n\n* Passion for Gather and our mission to build a metaverse for all.\n\n\n\nNice to Haves:\n\n\n* Experience interpreting and implementing the requirements of a SOC2, GDPR, or ISO compliance program.\n\n* 1+ years' experience developing and implementing automation and security controls on AWS.\n\n* You compile Linux kernels not because you have to, but because you want to.\n\n* Understanding of the pros and cons of different release processes, and how to apply Git and other tools to achieve them.\n\n\n\nUS Salary Range\n\nAt Gather, compensation may vary outside of this range depending on a number of factors, including a candidateโs qualifications, skills, competencies and experience, and location. The base salary range for this position in the selected city is $164,000 - $220,375 annually and we encourage candidates outside of this salary range to apply.\n\nBase pay is one part of the total package that is provided to compensate and recognize employees for their work, and this role may be eligible for a stock reward program.\nBenefits\n\n\n\n* Work remotely out of a state-of-the-art virtual office!\n\n* Competitive compensation, benefits, and meaningful equity\n\n* Comprehensive medical, dental, and vision insurance for employees and their dependents\n\n* 401k and matching program\n\n* Generous PTO policy and mental health days to recharge\n\n* Meal stipend twice a week to keep you nourished\n\n* Remote work, education, and health & wellness stipend\n\n* Support for family planning & gender-affirmation\n\n* The opportunity to join a passionate team in building something that actually makes peoples' lives better, every single day\n\n\n\n \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to InfoSec, Video, Cloud, Git, Typescript, API, Engineer and Linux jobs that are similar:\n\n
$50,000 — $110,000/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐ We hire old (and young)\n\n
\n\n#Location\nSan Francisco, California, United States
๐ Please reference you found the job on Remote OK, this helps us get more companies to post here, thanks!
When applying for jobs, you should NEVER have to pay to apply. You should also NEVER have to pay to buy equipment which they then pay you back for later. Also never pay for trainings you have to do. Those are scams! NEVER PAY FOR ANYTHING! Posts that link to pages with "how to work online" are also scams. Don't use them or pay for them. Also always verify you're actually talking to the company in the job post and not an imposter. A good idea is to check the domain name for the site/email and see if it's the actual company's main domain name. Scams in remote work are rampant, be careful! Read more to avoid scams. When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.
\n//ENGLISH FOLLOWS//\n\nNous recherchons un spรฉcialiste en sรฉcuritรฉ informatique pour rejoindre l'รฉquipe de Haven Studios. Le spรฉcialiste de la sรฉcuritรฉ informatique travaillera en รฉtroite collaboration avec notre รฉquipe informatique et de sรฉcuritรฉ pour fournir des solutions sรฉcurisรฉes et permettre aux studios de livrer les meilleurs jeux ร nos joueurs.\n\n \nReporting\n\nLe spรฉcialiste sรฉcuritรฉ relรจvera du CTO\n\nResponsabilitรฉs et tรขches\n\n* \nIntรฉgrer les politiques de sรฉcuritรฉ et collaborer avec les รฉquipes de sรฉcuritรฉ Sony\n* \nSoutenir l'รฉquipe informatique en sรฉcurisant le rรฉseau de pรฉrimรจtre (commutateurs, pare-feu, WiFI)\n* \nAider ร la conception, au dรฉploiement et ร la gestion d'outils de sรฉcuritรฉ pour les postes de travail ainsi qu'ร l'exรฉcution des procรฉdures de rรฉponse aux incidents\n* \nTriage des alertes (gestion des vulnรฉrabilitรฉs, antivirus, pare-feu etc.)\n* \nOrganisation des sรฉances de sensibilisation ร la sรฉcuritรฉ avec les employรฉs\n* \nFournir un support aux utilisateurs finaux pour les sujets et les outils liรฉs ร la sรฉcuritรฉ informatique\n* \nDocumenter les incidents de sรฉcuritรฉ et faire le suivi avec les รฉquipes concernรฉes\n* \nRester ร jour avec les derniรจres menaces de sรฉcuritรฉ, normes et meilleures pratiques\n* \nCollaborer avec l'รฉquipe informatique pour renforcer la sรฉcuritรฉ des postes de travail (Linux / Windows / Mac)\n\n\n\nQualifications recherchรฉes\n* \nComprรฉhension des menaces courantes de cybersรฉcuritรฉ, des stratรฉgies de protection et d'attรฉnuation et capacitรฉ ร les expliquer ร un public technique et non technique.\n* \nExcellente connaissance de la sรฉcurisation des systรจmes Windows et Linux\n* \nExpรฉrience avec Google Workspace\n* \nExpรฉrience avec l'administration d'Active Directory\n* \nExpรฉrience de travail avec les logiciels Endpoint Detection and Response (EDR) et le tri des alertes\n* \nSolides compรฉtences en communication et en relations interpersonnelles\n* \nAttention au dรฉtail\n\n\n\nQualifications souhaitรฉes\n* \n2 ans d'expรฉrience dans la gestion d'Active Directory, Intune ou d'autres solutions MDM\n* \nExpรฉrience avec des sujets de travail hybride et ร distance liรฉs ร la sรฉcuritรฉ\n* \nExpรฉrience avec les programmes de gestion des vulnรฉrabilitรฉs\n* \nFamiliaritรฉ avec Google Cloud et AWS Cloud\n* \nFamiliaritรฉ avec la sรฉcuritรฉ physique\n* \nConnaissance d'un langage de programmation (Python / Go / Rust / C++)\n\n\n\n\n Position โ Security Specialist\n\nWe are looking for a security specialist to join Haven Studios team. The security specialist will work closely with our IT and security team to deliver secure solutions and enable the studios to ship the best games to our players.\nReporting\nThe IT security specialist will report to the Haven CTO\n\nResponsibilities and Duties\n* \nIntegrate policies and collaborate with Sony Infosec on IT security topics\n* \nSupport the IT team securing the network perimeter (switches, firewalls, WiFI)\n* \nAssist in the design, deployment and management of security tools and software for endpoints, as well as following playbooks for incident response.\n* \nTriage alerts (vulnerability management, antivirus, firewall etc.)\n* \nConduct security awareness sessions with employees\n* \nProvide end-user support for IT security related topics and tools\n* \nDocument security incidents and follow-up with relevant teams\n* \nStay up-to-date with the latest security threats, standards and best practices\n* \nCollaborate with the IT team to harden the security of endpoints (Linux / Windows / Mac) \n\n\n\nMinimum Qualifications\n* \nUnderstanding of common cyber security threats, protection and mitigation strategies and ability to explain them to technical and non-technical audience\n* \nExcellent knowledge of Windows and Linux hardening\n* \nExperience with Google Workspace\n* \nExperience with Active Directory administration\n* \nExperience working with Endpoint Detection and Response softwares (EDRs) and triaging alerts\n* \nAbility to code custom scripts in Python or Powershell\n* \nStrong communication and interpersonal skills\n* \nAttention to detail \n\n\n\nPreferred Qualifications\n* \n2 years of experience managing Active Directory, Intune or other MDM solutions\n* \nExperience with hybrid and remote work topics related to security\n* \nExperience with vulnerability management programs\n* \nFamiliarity with physical security\n* \n Knowledge of a programming language (Python / Go / Rust / C++)\n\n\n\n\n \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to InfoSec, Python, Cloud and Linux jobs that are similar:\n\n
$35,000 — $87,500/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐ We hire old (and young)\n\n
\n\n#Location\nCanada, Montreal, QC
๐ Please reference you found the job on Remote OK, this helps us get more companies to post here, thanks!
When applying for jobs, you should NEVER have to pay to apply. You should also NEVER have to pay to buy equipment which they then pay you back for later. Also never pay for trainings you have to do. Those are scams! NEVER PAY FOR ANYTHING! Posts that link to pages with "how to work online" are also scams. Don't use them or pay for them. Also always verify you're actually talking to the company in the job post and not an imposter. A good idea is to check the domain name for the site/email and see if it's the actual company's main domain name. Scams in remote work are rampant, be careful! Read more to avoid scams. When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.
This job post is closed and the position is probably filled. Please do not apply. Work for Gruntwork and want to re-open this job? Use the edit link in the email when you posted the job!
About Gruntwork
Gruntwork aims to improve humanity's most important invention: Software. Our focus today is on creating a DevOps UX that software engineers actually enjoy, which we do by creating building blocks that make launching in the cloud 10x better/faster/easier. We work with AWS, K8s, Terraform, Terragrunt, Terratest, Go, Typescript, and React, and introduce new tech as needed. Weโre a small team (~20 people), but our clients include Toyota, Adobe, TicketMaster, Verizon, and hundreds of startups.
We are profitable, self-funded (no investors, no debt), and pay salaries, equity, and bonuses according to transparent formulas. We are 100% remote, with 2/3 of our team in the USA and 1/3 in Europe. We plan company-wide in-person meetups every few months and are known world-wide for both DevOps thought leadership and our popular open source tools, Terragrunt and Terratest.
Our measure of a successful Grunt is (1) think like an owner, (2) make impact, (3) communicate effectively, (4) be a good person. If this sounds like you, we're hiring!
About The Role
Our infrastructure as code library and platform team delivers an end-to-end, best-practices infrastructure on AWS in just days, all as a product. In this role, youโll collaborate with other senior-level engineers to define the next generation of AWS and DevOps best practices, codify them for use by thousands of engineers, and design a next-level experience for implementing, operating and understanding them.
What You'll Work On
Build a better DevOps experience.ย We have a unique product that generates complete, multi-account AWS architectures for Terraform and Terragrunt in just a few hours using a collection of internal Golang tools. Help us take this to the next level by using that product to deliver prod architectures directly to customers, and then leveraging their feedback for improvements. Better yet, help us get to the point where the entire experience is completely automated or self-service.
Codify AWS and Terraform best practices.ย Customers look to Gruntwork to share the best way to launch on AWS. Discover AWS and Terraform best practices, and then codify them as repeatable patterns that Gruntwork customers can pull off the shelf.
Integrate with the Gruntwork platform.ย Integrate your product work with our company-wide platform, which consists of a REST API (Next.js/Typescript), a web-based single-page app (Next.js/React/Typescript, Tailwind), and a first-class CLI tool (Go).
Build out the Infrastructure as Code Library.ย Create and maintain reusable infrastructure modules for a variety of infrastructure (e.g., EKS, ECS, RDS, VPC, Lambda, EC2, S3, ElastiCache, etc.), using a variety of tools (e.g., Terraform, Go, Python, Bash, Docker, Packer, etc.) on AWS.
Contribute to open source.ย Contribute to our open source projects as needed, including Terragrunt, Terratest, cloud-nuke, bash-commons, and more.
Train and mentor.ย Play to your strengths and areas of expertise by not only writing code and working on the product but also by sharing knowledge and mentoring both other team members and our customers in those areas.
Support customers.ย Gruntwork is a small, distributed, self-funded, profitable startup, so we'll ask you to provide a limited amount of support to enable learning directly from customers about how we can improve and continue achieving our vision of making it easier to understand, build, and deploy software.
Your Ideal Background
You should meet some of these requirements, but you don't need to meet all of them. As a company, we look for people who can leverage their existing skills to make significant impact in the near term. As an individual, you are likely looking for a growth opportunity, a core part of which is building new skills.
You know how to write code across the stack and have experience in one or more of the following: Go, C++, Python, Typescript, Bash, React, Next.js
You have production-level experience with AWS.
You have expertise in one or more of the following: Kubernetes (any managed offering, preferably EKS), ECS<, EC2, Lambda / Serverless, API Gateway, RDS, S3, AWS Config, AWS CloudTrail, Amazon GuardDuty, IAM, VPC, VPN.
You have worked with Terraform or other infrastructure-as-code tools like CloudFormation, CDK, or Pulumi in prod.
You have experience achieving compliance and going through audits (e.g., SOC2, HIPAA, vendor, etc).
You have a strong background in software engineering.
You have strong communication skills in English and are comfortable engaging with external customers.
Your Ideal Values
You have a passion for imparting best practices to other developers.
But you would rather invest the time to automate a problem than do the same work again.
You have a passion for learning (new technologies and languages specifically).
But you are motivated most by making impact.
You are inspired by our values (https://gruntwork.io/about/#our-values).
Compatible Time Zones
You'll be working with a team in theย US time zones, so you can be located in almost any country as long as your time zone is no further west than Los Angeles (GMT-8/GMT-7) and no further east than New York (GMT-5/GMT-4). We've found that when everyone on the team is located in similar time zones, it's easier to collaborate and there's much less pressure to stay up late or get up early, so this is a hard constraint, even if you're willing to work hours different from your current time zone.
Benefits
Our benefits reflect our values. We believe compensation should be fair, transparent, and generous. We hire Grunts in many countries, so some details may vary.
Location Independent, Above-Market Salary.ย To reduce bias and increase transparency, we compute all salaries using formulas. The formula factors in your title and uses a multiplier to produce a result that's above market for that title. Our salaries are location independent.
Profit-Sharing Bonus.ย We set aside a pot of money at the end of each year based on profits and distribute bonuses according to a formula that uses as inputs your level within the company and the length of your tenure at the company.
Hardware Budget.ย We'll buy you a brand new 16" Apple MacBook Pro (or other computer of your choosing of equivalent value) upon joining. It will be owned by you, not the company.
Personal Budget.ย We'll give you a personal budget of $1,000 USD per month to spend on your workspace (e.g., a co-working space), health (e.g., gym, yoga), time (e.g., babysitter), and/or learning (e.g., books, courses).
Medical/Dental/Vision Insurance.ย We offer a range of high-quality plans with a large portion paid by the company. For countries other than the US, this includes extra coverage on top of your statutory insurance.
In addition to the global benefits listed above, we have some US-specific benefits as well:
FSA and HSAs.ย We don't contribute to these accounts, but we do offer them as an option.
401(k).ย We contribute a portion of your salary to your 401(k).
Disability insurance.ย If you get disabled, we have a policy that will pay out a portion of your salary.
Life First, Then Work
We believe in planning our work around our lives, not the other way around. To help achieve that we offer:
Remote workย that lets you control your hours and physical location.
Normal working hoursย that usually amount to not more than ~40h per week, and no working on weekends or holidays.
Deliberate project planningย that takes into account the time zone of all team members.
A minimum vacation policyย where you must takeย at leastย 4 weeks per year away from work.
No one carrying a pagerย and no on-call rotation. We enable this by only offering support contracts with SLAs of responses on business days / hours only.
Please mention the word WARMTH when applying to show you read the job post completely (#RMy4xNDQuMjM3LjMx). This is a feature to avoid fake spam applicants. Companies can search these words to find applicants that read this and instantly see they're human.
Salary and compensation
$180,000 — $240,000/year
Benefits
๐ฐ 401(k)
๐ Distributed team
โฐ Async
๐ค Vision insurance
๐ฆท Dental insurance
๐ Medical insurance
๐ Unlimited vacation
๐ Paid time off
๐ฐ 401k matching
๐ Company retreats
๐ฌ Coworking budget
๐ Learning budget
๐ช Free gym membership
๐ง Mental wellness budget
๐ฅ Home office budget
๐ฐ Profit sharing
๐ฐ Equity compensation
โฌ๏ธ No whiteboard interview
๐ No monitoring system
๐ซ No politics at work
๐ We hire old (and young)
How do you apply?
This job post has been closed by the poster, which means they probably have enough applicants now. Please do not apply.
This job post is closed and the position is probably filled. Please do not apply. Work for Menlo Security and want to re-open this job? Use the edit link in the email when you posted the job!
๐ค Closed by robot after apply link errored w/ code 404 1 year ago
\nAbout the Role\n\nInfrastructure Engineering is responsible for building and operating the Menlo infrastructure platform. Together we enable our customers to connect to the internet without compromise. Our environment spans 40+ data centers and provides internet services globally. We expect failure, build security in by design, create evolvable systems and enable multi-tenancy across the infrastructure. Automation is an absolute.\n\nWe are committed to getting it done properly the first time.\n\nRequirements\n\n\n* Experience building and running a high-transactional, 24x7 production environment\n\n* Experience with cloud services; multiple data centers and public cloud (namely AWS)\n\n* Sound knowledge and experience with general systems engineering\n\n* Experience with Linux and Linux kernel internals; configuration and tuning\n\n* Experience with systems configuration management and CI automation\n\n* Experience with networking, load balancing, caching, compression, application fire-walling, smtp, proxy, SSL termination, systems and application security\n\nBS/BA or relevant experience preferred\n\n\n\n\nMSGL-I4 \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to InfoSec, Cloud, Engineer and Linux jobs that are similar:\n\n
$70,000 — $120,000/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐ We hire old (and young)\n\n
\n\n#Location\nBracknell, England, United Kingdom
# How do you apply?\n\nThis job post has been closed by the poster, which means they probably have enough applicants now. Please do not apply.
\n\n\nRemote positions open to the US only. \n\nThe Security Automation Engineer will design, develop, and support KnowBe4โs core information security infrastructure & information security procedures, both in the cloud and on premise. The individual in this role will be responsible for developing and managing systems, applications, alerts, scripts, reports, and dashboard that enable and automate key information security functions and provide the core capabilities of information security operations.\n\nResponsibilities:\n\n\nAssess information security processes and design more efficient methods using scripting and automation\n\nCreate scripts to perform data transformation (ETL, cleaning, augmenting, anonymizing, etc)\n\nDesign solutions within AWS to enable infosec departments to operate more efficiently (automation, reporting, alerting)\n\nDesign and build solutions to fill security or compliance gaps\n\nDevelopment and maintain information security policies, procedures & baselines, SOPโs, diagrams, workflows, etc.\n\nDeploy and maintain infosec systems within AWS\n\n\n\n\nRequirements:\n\n\nBachelor's degree in relevant field or experience in software development/scripting in the information security space\n\nMinimum 1 year relevant experience in scripting and automation preferred\n\nRelevant information security certifications preferred\n\nUnderstanding of AWS services and how to use them \n\nAbility to write scripts in Python and read/edit other programming languages\n\nAbility to write scripts to leverage third party service APIโs\n\nExperience with code repositories and source control applications\n\nFamiliarity with SDLC and CI/CD concepts.\n\nAbility to write intermediate database queries in SQL\n\nExperience writing secure code and secure code deployment concepts\n\nHas an understanding of infosec concepts such as: cloud infrastructure, application security, vulnerability scanning, penetration testing\n\nSome experience with infosec testing tools, OSINT tools, and scripts\n\nFamiliar with application development concepts: servers, databases, coding, APIโs, containers, logging, troubleshooting\n\nKnowledge of various operating systems, ChromeOS, Linux, Mac, Windows\n\nAble to navigate the linux command line and an understanding of basic linux server management\n\nStrong verbal and written communications\n\nExcellent time management and organization skills\n\nExcellent Analytical skills\n\n\n\n\nThe base pay for this position ranges from $70,000 - $80,000, which will vary depending on how well an applicant's skills and experience align with the job description listed above. \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to Analyst, Finance, Non Tech, Sales, Angular, Senior, Legal, Engineer, Design, InfoSec, Python, Testing, Cloud, Linux and Digital Nomad jobs that are similar:\n\n
$70,000 — $120,000/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐ We hire old (and young)\n\n
\n\n#Location\nClearwater, Florida, United States
๐ Please reference you found the job on Remote OK, this helps us get more companies to post here, thanks!
When applying for jobs, you should NEVER have to pay to apply. You should also NEVER have to pay to buy equipment which they then pay you back for later. Also never pay for trainings you have to do. Those are scams! NEVER PAY FOR ANYTHING! Posts that link to pages with "how to work online" are also scams. Don't use them or pay for them. Also always verify you're actually talking to the company in the job post and not an imposter. A good idea is to check the domain name for the site/email and see if it's the actual company's main domain name. Scams in remote work are rampant, be careful! Read more to avoid scams. When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.
This job post is closed and the position is probably filled. Please do not apply. Work for ORCID and want to re-open this job? Use the edit link in the email when you posted the job!
ORCID is seeking an experienced and enthusiastic professional for the position of DevOps Engineer. If you like the flexibility of a remote organization and the public-service orientation of a non-profit, join us on our mission to connect research and researchers!
Who We Are
ORCID is a mission-driven, member-supported, community-governed non-profit organization. Our vision is a world where all who participate in research, scholarship, and innovation are uniquely identified and connected to their contributions across disciplines, borders, and time. Every one of ORCIDโs employees is committed to that vision as well.
We believe in and operate by our three values [read our Dignity at Work statement]. ORCID strives to be:
Inclusive: We make decisions collaboratively, involving our staff, Board, those who support our mission, and the researchers and community that are the purpose of our work. We take a global view.
Trusted: Privacy and researcher control underscores everything we do.
Open: Our work is open, transparent, and non-proprietary.
Where We're Located
As a fully-remote organization serving researchers everywhere, ORCID is able to hire talented individuals all over the globe, and we aim to have our people located in the communities that we serve. We currently employ staff in the following regions (but welcome applicants from all locations, even if not listed here):
Canada
Costa Rica
Hungary
Lithuania
Mexico
Netherlands
Portugal
South Africa
Spain
Taiwan
UK
USA
The Role
ORCID is seeking a DevOps Engineer. As a DevOps engineer, you should work with other software developers and QA specialists, and will be responsible for improving and maintaining the ORCID technological infrastructure. If you like a mission-driven environment and enjoy working as part of a team, but are also self-motivated and organized to work remotely, this could be the job for you.ย ย
The position will be part of our Tech team, reporting to the Technology Manager. The successful candidate will want to be a part of a friendly, supportive, and productive team, and will believe in an โautomate everythingโ approach to DevOps.
Responsibilities
Maintain the ORCID technological infrastructure: Maintain the ORCID configuration management system, the current server stack, the databases, the CI and any other SaaS systems used by ORCID to provide their services, such as Mailgun, Cloudflare, Rackspace, etc.
Improve the ORCID technological infrastructure: Work with the Tech Director, the Tech Manger and the development team in general to improve the current technological infrastructure, by keeping our infrastructure up-to-date with the latest technologies and patches, finding new tools that could improve the services we provide and experiment with new technologies to decide which ones could be used by ORCID to provide better services.
Monitor the status of ORCID technological infrastructure: Constantly check ORCID monitoring infrastructure to find problems or vulnerabilities that could affect the performance of ORCID services.
Author use-cases, technical/functional requirements, flowcharts, diagrams and documentation: Develop and maintain technical documentation, in the form of use-cases, technical/functional requirements, flowcharts, diagrams, docs and wiki pages, required by the team to understand and maintain the existing technical infrastructure.
Participate actively in iterative development meetings (stand-ups, kick-offs, retrospectives), and design sessions with project teams and working groups
Collaborate with team members, consultants, designers, the development community and users to plan, estimate and evaluate the risks of different features that could be added to the ORCID registry: Collaborate with different people from the ORCID community to generate plans that helps ORCID to develop new functionalities or improve the existing ones.ย
Collaborate in the finding of bugs and areas of improvement in the current ORCID Registry and related projects.
Participate in the out of hours on-call rota, and respond to tech emergencies when required (estimated 10 weeks of compensated on-call shifts per year) .
Future Projects
Set up, manage, and monitor container infrastructure in AWS, using Terraform and Kubernetes
Migration of the ORCID Registry to AWS
Evaluate, plan, and deliver monitoring tools for container-based systems
Set up and manage new security scanning tools
What We Do Now
Server configuration management using Ansible
Manage Linux virtual servers and containers
Manage virtual network security
Manage Github Actions CI/CD
Automate routine tasks by writing Python and Bash scripts
Postgres DB backup/restore, monitoring
Set up, manage, and monitor NoSQL servers (MongoDB)
Set up, manage and monitor search servers (SOLR)
Manage monitoring systems (New Relic, Cloudflare, InsightOps)
Requirements and Qualificationsย
(ORCID encourages applicants who meet some, but not all of the requirements and qualifications, to apply)
5+ years of experience in DevOps
Fluent in written and spoken English
Able to work during Europe and US business hours (at least half the working day should be between 1200-2000 UTC) including making twice-weekly meetings at 1500 UTC
Ansible experience
AWS experience
Terraform experience
Kubernetes experience
Scripting experience
Linux admin skills
Ability to work as part of a small DevOps team, with minimal supervision
Exceptional communication skills and a strong work ethic; ability to prioritize effectively and get things done in a dynamic, unstructured environment
Experience extracting actionable recommendations from feedback and data, and communicating it to stakeholders
Proactive in suggesting new tools and solutions
Motivated and results-driven, with a high-level of energy, enthusiasm, and initiative
Nice to Have
Experience with Rackspace Cloud
Python scripting
MongoDB
Github
SAML experience
SOLR
Ability to travel internationally at least once a year
Accommodationsย
ORCID happily provides reasonable accommodations to applicants with disabilities, or circumstances that could require modifications to our application process or responsibilities of the role. If you need accommodations, whether during the application process itself, or potentially would need accommodations for any of the job responsibilities, please reach out to [email protected].ย
Our Culture
ORCID staff are curious and collaborative, and we strive to maintain a culture of learning. We offer programs like individually-focused professional development planning, monthly โFood for Thoughtโ learning sessions on a wide variety of topics, and access to a digital learning platform, Udemy for Business. We are flexible and family-friendly, allowing staff to shift their schedules as needed, flex their time across the calendar month, and take an hour-long paid break each day (not to mention OFFโ see the benefits we provide below).ย
As an organization, we are committed to diversity, equity and inclusion (DEI). We hold bi-annual forums, open to all staff, where our DEI plans and needs are discussed and amplified. As a fully remote organization, we also have an active committee dedicated to making our individual remote experiences as positive and productive as possible. Read more about our culture here.
Although we are geographically diverse, we are a small, cohesive community dedicated to our mission and to each other.
As an open organization valuing trust and transparency, we have a privacy policy describing how we handle applicant, employee and contractor data that we invite you to review if interested.
We Provide:
A family-friendly, flexible working environment, including:ย
Flexible work hours and the ability to work fully from home (when not traveling)
A committed and awesome team serving a community-driven organization
Competitive compensation & benefits, plus OFF: an ORCID-wide day off on the first Friday of each month
A continuous learning environment with opportunities for training & professional development
Tools to support our virtual office environment, including a budget to choose your preferred laptop and a remote working stipend.
Compensation
ORCIDโs compensation strategy considers an applicantโs skills and experience, geographic location, as well as internal equity when assessing salary. Because we are remote and hire all over the globe, our salary ranges will vary by location for any given role.
Please mention the word PROPER when applying to show you read the job post completely (#RMy4xNDQuMjM3LjMx). This is a feature to avoid fake spam applicants. Companies can search these words to find applicants that read this and instantly see they're human.
Salary and compensation
$30,000 — $90,000/year
How do you apply?
This job post has been closed by the poster, which means they probably have enough applicants now. Please do not apply.
This job post is closed and the position is probably filled. Please do not apply. Work for Giant Swarm and want to re-open this job? Use the edit link in the email when you posted the job!
## Your Job\nWe are looking for a **Platform Engineer** specializing in **Security** to join our product development team, and play an integral role in the development of our managed Kubernetes offering. You will build and develop the platform, using cutting edge technologies includings Kubernetes Operators and Cluster API.\n\nWe have recently added an entirely open-source security solution to our suite of managed services and are looking for a Platform Engineer to join us in building out the new stack and continuously improving our security posture in Kubernetes. In this role, you would join our security team and work on integrating open-source security tools into our managed security service, hardening our Kubernetes clusters, and enabling customers and other teams to be secure by default.\n\nGiant Swarm is a fast-growing open-source infrastructure management platform used by modern enterprises. Our vision is to empower developers around the world to ship great products.\n\n* You will be responsible for architecting and building distributed systems, as part of our managed Kubernetes offering.\n* You will use a wide variety of open source technologies and tools from across the open-source community, including Kubernetes, Falco, Starboard, Trivy, Harbor, Kyverno, Prometheus, and Flatcar Linux.\n* You take part in oncall, as part of our โyou build it, you run itโ philosophy. This includes improving operations, such as adding metrics, or building dashboards.\n\n\n## Requirements\n* You have experience with Go and at least one other programming language, and a strong architectural background.\n* You have worked extensively with Kubernetes.\n* You are an experienced Linux user.\n* You are used to deploying to production multiple times a day, and love to automate all the things.\n* You are comfortable building and working with distributed systems - you prefer to build your applications as multiple services instead of a single monolith.\n* We offer flexible working hours, but we (and our customers) are currently mostly distributed around Europe. You will need to align parts of your day to communicate with them, so ideally your main time zone is UTC +/- 2 hours or US/Canada Eastern Standard Time.\n* We are very active in the Cloud Native / Kubernetes space. If you are as well - or you just love giving talks - it will be a perfect addition.\n* Bonus points if you have meaningful experience with security tooling in Kubernetes, have ever maintained an open-source security project, are/were an incident responder, or have worked in a similar relevant blue team role.\n\n## About us\nEvery new team member changes the team. We love to learn from each other and we are looking for people who know things we donโt. \n\n* Becoming part of Giant Swarm means that, by extension, you also become part of the Cloud Native community. We actively contribute to upstream projects and our quarterly hackathons will give you space to work on out-of-the-box projects. Occasionally, when we, as a team, want to fully focus on one project, we scratch all meetings and routines for a certain time to better focus during our [hive-sprints](https://www.giantswarm.io/blog/climbing-mount-everest-with-cluster-api-giant-swarm).\n\n* Continuous learning is important to us - we foster this through bi-yearly personal development talks, a budget for training/certifications/coaching as well as regular feedback talks and workshops. Our teams are cross- functional and collaboration is key. \n\n* Nothing crazy, but useful Basics: We don't count holidays but set a minimum number; You choose your own hard- and software; As a company that has almost, if not more, kids than employees, family-friendliness is crucial to us and paid parental leave is a no-brainer; We pay monthly perks that cover your costs for working remotely; We meet twice a year as an entire company and (if possible) see conferences as an important place to catch up with team members; We aim to be fully transparent (finance, salaries) unless it hurts people and trust you, based on this to make the best decisions\n\nWe failed in exactly describing our way to approach important company elements that can be described with โbuzzwordsโ such as agile mindset, cross-functional teams, self-organization, value of the individual or trust & teamwork. However, we truly care about them, we live them and we constantly iterate on them. Some snippets about how we do this are posted in our [blog](https://www.giantswarm.io/blog) but by far not all of them. \n\n**Important note:** We are not hiring job descriptions. We hire humans. :) We welcome applications from everybody, regardless ethnic or national origin, religion, gender identity, sexual orientation or age. \n\nPlease mention the word **CAPTIVATING** when applying to show you read the job post completely (#RMy4xNDQuMjM3LjMx). This is a feature to avoid spam applicants. Companies can search these words to find applicants that read this and see they're human.\n\n \n\n#Salary and compensation\n
$50,000 — $100,000/year\n
\n\n#Location\nCET (+/- 2 hours), USA
# How do you apply?\n\nThis job post has been closed by the poster, which means they probably have enough applicants now. Please do not apply.
This job post is closed and the position is probably filled. Please do not apply. Work for Defiant and want to re-open this job? Use the edit link in the email when you posted the job!
## Description\nDefiant is a dynamic, fast-growing, and profitable company with loyal customers who love our products and services. We are the global leader in WordPress security, protecting over 4 million websites.\n\nWe're seeking a Security Analyst to work on an hourly contract basis from your home office in Australia or New Zealand from approximately 9-5 AEST Monday through Friday, with 100% availability during that time.\n\nThe contract rate for this role is $45 - $50 AUD per hour, depending on experience.\n\n\nCompany Culture\n\nYou'll work with a talented and highly-motivated team that is friendly, fast-moving, self-managing, and highly capable with a sense of humor. Our team's family time is important; we won't typically require long hours when we can avoid it, which is almost always. Our entire team works remotely using Slack for interaction, ยญso you can live practically anywhere you have a good Internet connection. There's no micro-ยญmanagement hereโwe trust that you will see tasks through to completion and communicate with your fellow team members when needed or ask for help when needed.\n\nAt Defiant, โtrustโ is the attribute we value most highly among our team members. We need to know that you can grab a task, communicate clearly with stakeholders, and see the task to completion with superb attention to detail.\n\nWe use apps like Slack, FogBugz, GitHub, and Google Apps for our workflow.\n\n\nJob Description\n\nWe are looking for Security Analysts to join our Care and Response team. You will assist our customers with support questions related to our product and investigate site intrusions; as well as repair their site and remove all traces of compromise. In addition to this you will also collect evidence from intrusions that will help improve our threat detection. You will need to determine how the intrusion occurred and then collect all IOCโs (indicators of compromise) and share this data with our product team in a structured way.\n\nGeneral requirements:\n\n* You must be highly technical and be comfortable with a wide range of open source tools.\n* Excellent written and verbal communication skills.\n* Ability to interact with customers on a professional level.\n* You must work well in a team as well as being able to work independently without additional guidance.\n* You must be nimble, be able to think outside-the-box and be able to come up with creative solutions to challenging problems and must have a mature approach to problem solving.\n* Attention to detail.\n\n## Requirements\nThe specific skills we require for this position are:\n\n* A solid understanding of regular expressions. You need to be able to write expressions on the fly to match and remove only malicious code (which is often polymorphic) without affecting any legitimate code and to write signatures for our customers.\n* At least 5 years of experience administering multiple Linux Stacks (We don't support Windows).\n* Ability to write and read PHP, regular expressions, cron jobs and JavaScript. Other languages like Python a strong plus.\n* 5+ years with MySQL.\n* At least 2+ years of experience investigating hacked websites analysis of how the intrusion occurred and removing the intrusion vector and restoring the site to a fully functional state.\n* An understanding of all major vulnerability types and the ability to explain them to a customer in terms they can understand.\n* Ability to analyze log files and determine how an intrusion occurred.\n* Must be able to use shell tools like grep, find and any other utility that can assist with investigation and remediation.\n* 3+ years of experience with WordPress required.\n* You must be well versed in information and cyber security and any certifications you already have in penetration testing or forensics are a strong plus.\n\nAll positions require a trial period of approximately 2-3 weeks with a minimum commitment of 10 hours per week. You will be paid for this short-term contract, and it will be used to evaluate whether both parties want to pursue an ongoing working relationship.\n\nAll offers are contingent on successful completion of a background check. The results of the background check are considered as they relate to the position and do not automatically disqualify someone from a offer of work with the company.\n\n## Benefits\nFull-time telecommuting with a company that has been 100% remote for over 8 years.\n\n## Diversity at Defiant\n\nWe value diversity and do not discriminate based on race, color, religion or creed, national origin or ancestry, sex, age, physical or mental disability, military or veteran status, gender identity or expression, marital status, sexual orientation, political ideology, economic status, parental status, or any other non-performance-related status. \n\nPlease mention the word **EFFUSIVELY** when applying to show you read the job post completely (#RMy4xNDQuMjM3LjMx). This is a feature to avoid spam applicants. Companies can search these words to find applicants that read this and see they're human.\n\n \n\n#Salary and compensation\n
$60,000 — $80,000/year\n
\n\n#Location\nAustralia or New Zealand
# How do you apply?\n\nThis job post has been closed by the poster, which means they probably have enough applicants now. Please do not apply.
This job post is closed and the position is probably filled. Please do not apply. Work for IVPN and want to re-open this job? Use the edit link in the email when you posted the job!
**Please note that we are only recruiting within the UTC-1 to UTC+3 timezones.**\n\nWe are seeking a system administrator to help us maintain and expand our large fleet of bare metal servers. In this role, you will use your knowledge of system and network administration to build reliable, secure and scalable infrastructure for our VPN service. You should have expertise in Linux server administration, be able to collaborate with team members, and be a pragmatic problem-solver. \n\n### How we stand out from the crowd of VPN providers\n* Early adopters of the latest protocols and technologies.\n* Strict ethical stances around data collection and marketing practices - principles over profits.\n* Clear commitment to regular audits and transparency.\n* Calling out bad practices in the VPN industry and shunning false promises.\n* Recommended by experts whose voice we truly value - those not motivated by affiliate payouts.\n\n### What you can expect when working with us?\n* Fully remote setting with a high degree of independence.\n* Maximum freedom, minimum meetings\n * If your ideal workplace offers regular meetups and busy casual chat channels, IVPN is probably not a good fit for you;\n * on the other hand, if you value autonomy and focused work, you will appreciate our culture. \n* Competitive salary.\n* 25 days of vacation per year (+1 bonus for each year at the company).\n* Hardware of your choice to do your job.\n\n## Responsibilities\n* Remotely install leased bare-metal servers using automated build tools and scripts.\n* Ensure high availability of our large network of servers. Diagnose and resolve hardware, OS and network issues. \n* Plan, design and implement the necessary controls to ensure the security of all servers.\n* Interface with ISP's to resolve upstream issues and procure new servers.\n* Provide tier 2/3 support to customer support team for issues relating to infrastructure.\n* Collaborating with backend engineers and application developers to define and implement requirements relating to customer VPN.\n\n## Requirements\n* Experience working in a Linux environment (minimum 2 years)\n* Experience working with a configuration management tool e.g. Ansible, Puppet, Salt.\n* Experience with python or other scripting languages\n* Experience with shell scripting\n* Understanding of TCP/IP, UDP, SSL/TLS and other related Internet protocols\n* Able to work independently and manage your own projects \n\nPlease mention the word **APPRECIATED** when applying to show you read the job post completely (#RMy4xNDQuMjM3LjMx). This is a feature to avoid spam applicants. Companies can search these words to find applicants that read this and see they're human.\n\n \n\n#Salary and compensation\n
$50,000 — $80,000/year\n
\n\n#Location\nUTC-1 to UTC+3 timezones (Western + Eastern Europe)
# How do you apply?\n\nThis job post has been closed by the poster, which means they probably have enough applicants now. Please do not apply.
This job post is closed and the position is probably filled. Please do not apply. Work for PayPay Corporation and want to re-open this job? Use the edit link in the email when you posted the job!
๐ค Closed by robot after apply link errored w/ code 404 3 years ago
\nPayPay is looking for a Product Security Engineer to work on our payment system to deliver the best payment experience for our customers.\n\n\n\n\n* Security architecture reviews of existing and upcoming projects.\n\n* Acting as both a builder and a breaker by creating tools to help engineers write more secure code and performing penetration tests of public and internal applications.\n\n* Working in a fast paced environment where projects and prioritization may change frequently, security will always remain.\n\n* Participate in setting up a Bug Bounty program, writing proof of concepts, assessing risk, communication with external reporters.\n\n* Implementing and maintaining technologies for security, such as vulnerability testing, logging, monitoring and incident responses.\n\n\n\n\nTech Stack We select the best combination of tech at times. \n| Python, Golang\n| MySQL/AuoraDB, DynamoDB, ELK, Kafka, Redis, TiDB\n| AWS, GCP, TCP Networking, SSL/TLS, Key Management Systems, Certificate Authorities\n|Snyk, SonarQube, Dome9\n|PlantUML, miro.com\n|Slack, Zoom\n\nQualifications\n\n\n* 3+ years of experience as a Security Engineer.\n\n* Experience with Linux internals and hardening\n\n* Must have experience in programming languages and frameworks such as Python and Bash\n\n* Comfortable with identifying and advising on remediation for Application Security vulnerabilities\n\n* Up to date with the latest developments in security\n\n* Development of Proof of Concept exploits\n\n\n\n\nPreferred Qualifications\n\n\n* CVE Contributions\n\n* Open Source tools contributions\n\n* Published papers / blogs / articles\n\n\n\n\nHiring Process\n\n* Application Review (1-2 weeks)\n\n\n\n* HR and Team will review your resume\n\n\n\n* Code challenge (online)\n\n\n\n* Coding Test will be sent via Hirevue system\n\n* It takes 3-4 hours (max) to complete\n\n* If you need to extend the due date, please contact HR\n\n\n\n* Interviews (online)\n\n\n\n* 2-3 rounds of online interview(s)\n\n* Live Coding could be requested\n\n* Please make sure the reason you applied to PayPay (Why Fintech? Why Startup? Why PayPay?)\n\n\n\n* Job Offer\n\n\n\n*Relocation to Japan\n\n\n* Due to the current COVID-19 situation, we cannot sponsor working VISA to Japan. However as a temporary solution, you may be able to start working with us as an individual contractor. Please discuss with your recruiter about this opportunity.\n\n* Once the COVID-19's over, we will ask all employees in overseas to relocate to Japan. We will fully support your relocation.\n\n\n\n\nOther Information\n\n[Corporate Blog] https://about.paypay.ne.jp/corporate-blog\n\n[Product Blog] https://blog.paypay.ne.jp\n\n[LinkedIn] https://www.linkedin.com/company/paypay-corp/ \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to InfoSec, Engineer, Executive, Python and Linux jobs that are similar:\n\n
$80,000 — $120,000/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐ We hire old (and young)\n\n
# How do you apply?\n\nThis job post has been closed by the poster, which means they probably have enough applicants now. Please do not apply.
This job post is closed and the position is probably filled. Please do not apply. Work for Platform.sh and want to re-open this job? Use the edit link in the email when you posted the job!
๐ค Closed by robot after apply link errored w/ code 404 3 years ago
\nTo reinforce our commitment to customers’ privacy and security, for its PaaS solution, Platform.sh is looking for a Security Engineer with a taste for Python and Go, excellent Linux system understanding, outstanding written English skills, experience working on PCI and/or SOC 2 compliance, and a real hunger for the challenges of building compliant distributed systems. If you’re looking for an exciting, high-growth opportunity with an award-winning, cutting-edge company, this could be the job for you.\n\nWe are targeting engineers that like writing documentation and can function in a high performing, multithreaded, 100% cloud-based, remote environment.\n\nSecurity, privacy, and compliance controls are at the heart of what we do as our mission is to simplify the cloud. The job is to transform what is often regarded as red-tape and constraints to a well-oiled machine where everything is automated and where every constraint becomes a feature making the product better.\n\nThis role reports to our Security Operations Manager, and works in close interaction with our CTO, VP of Infrastructure, VP of Engineering, our Data Protection Officer, and our Customer Support teams.\n\nIn a given day you might:\n\n\n* Act as a technical liaison between the Security department and our product, engineering, support, and operations staff.\n\n* Create documentation and processes in English to help satisfy compliance requirements and/or internal process questions.\n\n* Evaluate, deploy, and create systems and tools that will enhance our efficiency.\n\n* Support our data protection officer and compliance team with information requests, pen-testing coordinations, internal and external vulnerability scanning, disaster recovery, and related activities.\n\n* Execute our security incident management process.\n\n* Ensure all systems and services in our environment are securely designed, configured, managed, and monitored.\n\n* Work with external auditors to answer questions on PCI and SOC 2.\n\n* Participate in an on-call rotation, the majority of which is during normal working hours.\n\n\n\n\nQualifications\n\nMinimum Qualifications:\n\n\n* Experience with Linux (preferably Debian-based)\n\n* Markdown\n\n* Experience implementing PCI, SOC 2, or related\n\n* Operate largely independently (go take that hill) with management support\n\n* Able to juggle several requests at the same time\n\n* Experience securing cloud services (AWS in particular)\n\n* Sysadmin experience\n\n* Experience with git-based workflows\n\n* Proficient in Python or Golang\n\n* Experience with containerization technologies (LXC/LXD, Docker)\n\n* Working knowledge of\n\n\n\n* Patch and Vulnerability Management process\n\n* Principle of Least Privilege\n\n* Incident response\n\n* Identity and Access Management\n\n* IPTABLES\n\n* Encryption: TLS, SSH, Disk, etc.\n\n* Ticketed change control\n\n* Snapshot-based backups\n\n\n\n* CISSP, CISM, Security+, GCED, GICSP, GCIH, SSCP, or CASP+ Certification or similar\n\n* Excellent written English skills\n\n\n\n\nPreferred Qualifications:\n\n\n* AWS, Google, and/or Azure certifications\n\n* Experience with performing vendor security reviews\n\n* Experience with Puppet\n\n* Knowledge of Magento Ecommerce, Symfony, Drupal, eZ Platform, or Typo3\n\n* Relational database skills\n\n* Public speaking experience\n\n* Ability to speak French or German\n\n* Ability to kick ass in Chess or beat Zork without using a map\n\n* Can bravely take on new challenges like a Gryffindor, analyze problems like Ravenclaw, protects our infrastructure and client data like a Slytherin, and talks with clients like a Hufflepuff.\n\n\n\n\nSound Like a Good Fit? We’d love to talk to you! \n\n* This is a remote job \n\nWe are a worldwide distributed team and are looking for a candidate who can perform well working remotely. To be an effective performer here at Platform.sh, you’ll need to be able to effectively collaborate across time zones while operating with a high level of independence and autonomy. \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to InfoSec, Engineer, English, Cloud, Python and Linux jobs that are similar:\n\n
$75,000 — $120,000/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐ We hire old (and young)\n\n
# How do you apply?\n\nThis job post has been closed by the poster, which means they probably have enough applicants now. Please do not apply.
This job post is closed and the position is probably filled. Please do not apply. Work for ShapeShift and want to re-open this job? Use the edit link in the email when you posted the job!
๐ค Closed by robot after apply link errored w/ code 404 3 years ago
\nPOSITION OVERVIEW\n\nShapeShift is seeking a Senior Software Security Engineer to help identify risks and mitigate them for this growing organization. The Software Security Engineer will be scanning, researching, hacking, and advising developers on security, in addition to altering source code to resolve security vulnerabilities. The ideal candidate will possess a keen understanding of how tweaking one parameter can vastly change the security outcomes of an information system. This position offers a unique opportunity to think with a black hat but wear a white hat for an exciting cryptocurrency startup.\n\nThis is a full-time, exempt position that reports directly to the CISO.\n\nYour desire to make a real impact on an organization and the world grows by the day. The ideal candidate will be open to daily changes in workflow and protocol (and force us to improve workflows). As a start-up in an evolving space, there are new challenges that require new solutions every day.\n\nGOALS OF POSITION\n\n\n* Stay abreast with daily CVE announcements and 0-day vulnerabilities\n\n* Provide strong software engineering experience to ShapeShift’s Security team.\n\n* Work with Site Reliability Engineers and IT administrators to mitigate any vulnerabilities found with ShapeShift's systems.\n\n* Provide security guidance and advice to software engineers on best practices for storing, securing, and accessing secrets in their application development. \n\n* Participate in architecture design discussions for ShapeShift's upcoming feature enhancements and new products/services, ensuring best practices in security are followed in each phase of development, and ensuring security risks are understood and mitigated in the design choices.\n\n* Execute and automate approved penetration tests, vulnerability scans, and related intelligence gathering about the existing security posture of development and production systems.\n\n* Manage internal TLS Certificate Authority, issuing and revoking internal server and client certificates where necessary.\n\n* Collect and organize security-related metrics for reporting to ShapeShift’s CISO.\n\n* Maintain ShapeShift's existing Information Security Policy, ensuring it is up-to-date with ShapeShift's requirements. \n\n* Providing security training to all new staff, and security refreshers to existing staff.\n\n* Oversee the provisioning of cryptographic keys and security hardware for new staff.\n\n* Can research, understand, and implement security enhancements to ShapeShift systems independently, and communicate changes to management in a timely fashion.\n\n\n\n\nSUCCESS METRICS OF POSITION\n\n\n* Concerns and risks are brought to the attention of the CISO in a timely manner\n\n* Staff receive your assessments and recommendations on improving/maintaining security in a timely manner\n\n* Staff are able to rely on you to educate them on security and answer their questions\n\n* Ability to contribute security enhancements to ShapeShift’s codebase.\n\n* Senior Security Engineer is able to meet deadlines independently\n\n\n\n\nWHAT YOU BRING TO THE TABLE\n\n\n* "Jack of All Trades" mindset, knowledgeable in many areas\n\n* "Geek to English translator" - ability to train/teach security concepts to non-security staff in easy-to-understand language\n\n* Strong "Google-fu" - ability to quickly find and learn concepts that aren't already known\n\n* Knowledge and experience that can be relied upon by others in the Security department\n\n* Ability to be flexible while working in a dynamic startup environment\n\n* Desire to make the world a better and safer place\n\n\n\n\nREQUIRED EDUCATION & EXPERIENCE\n\n\n* 7+ years of full-stack engineering experience or equivalent \n\n* Strong competency with Javascript and/or TypeScript\n\n* Strong competency with modern software development tools (git, jira, IDEs)\n\n* Experience performing source code review\n\n* Experience resolving application level vulnerabilities\n\n* Experience working with GPG / PGP\n\n* Experience with TLS, cryptographic certificates and PKI\n\n* Experience performing vulnerability scanning (i.e. Metasploit, Nessus, or similar)\n\n* Securing and administering services/daemons according to best practices\n\n* Experience working with Linux and open source technologies\n\n* At least 4 years experience in a security-focused role\n\n\n\n\nPREFERRED EDUCATION & EXPERIENCE\n\n\n* Experience securing cloud-based service providers, such as DigitalOcean, Azure, and AWS\n\n* Experience with deployment automation tools such as CircleCI, Terraform, etc.\n\n* Experience with penetration testing\n\n* Experience with charting, graphing, and presenting data visually\n\n* Experience working with cryptocurrencies and blockchains\n\n* Familiarity with Agile Development Methodologies \n\n* Familiarity with hardware and firmware security \n\n* Security certifications such as: CISSP, CISA, OSCP, Pentest+, Security+ would be an asset\n\n* Experience with Open Source Software\n\n\n \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to InfoSec, Senior, Engineer, Developer, Digital Nomad, English, JavaScript, Education and Linux jobs that are similar:\n\n
$60,000 — $120,000/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐ We hire old (and young)\n\n
# How do you apply?\n\nThis job post has been closed by the poster, which means they probably have enough applicants now. Please do not apply.
This job post is closed and the position is probably filled. Please do not apply. Work for Balena and want to re-open this job? Use the edit link in the email when you posted the job!
๐ค Closed by robot after apply link errored w/ code 404 3 years ago
\nBeing a Head of Security at balena\n\nOur users trust us to provide critical infrastructure for their distributed IoT fleets, and our engineers work hard to protect each of these devices from attacks. Our “security stack” spans from the bootloader and OS on-device, to the network and security infrastructure of our backend, to the operational security of our team.\n\nAs a Head of Security, you will learn how our complex interdependent systems are built and run. You will dig deep into diagnostics & debugging surfaces, logs, and reports to identify areas of risk and strategies to minimize vulnerabilities. You will develop and deploy security controls and concepts stretching from cloud- based apps to systems running on embedded devices, and lead initiatives to create new frameworks and roadmaps. You will influence infrastructure and product decisions and, above all, establish and promote a culture of shared responsibility for security.\n\nResponsibilities\n\n\n* Analyze weaknesses and attack patterns, and architect solutions to address them\n\n* Construct a comprehensive threat model that includes a variety of actors and security contexts\n\n* Define standards and streamline workflows for managing incidents, recovery, and vulnerability reports\n\n* Implement, tune, and enhance security auditing, monitoring, and notification systems\n\n* Perform checks to ensure our production pipeline is secure — from developer machines to servers\n\n* Design and review security-related product features, like automated vulnerability scanning and audit logs\n\n* Be a key resource for peers on support, share knowledge and mentor others on best practices\n\n\n\n\nRequirements\n\n\n* Strong technical background in software development, operations and/or information security\n\n* Experience writing high-quality code and debugging production systems\n\n* Working knowledge of Linux operating system internals\n\n* Awareness of classic and emerging threat actor tactics, techniques, and procedures in both pre- and post-exploitation phases of attack lifecycles\n\n* Ability to manage ambiguity, push through friction, and independently make critical trade-off decisions\n\n* Continuous improvement mindset and desire to make yourself and others more effective\n\n* Willingness to constantly build on your knowledge of the platform and new technologies\n\n* Excellent communication skills and fluency in English\n\n\n\n\nBonus points\n\n\n* Proficiency in at least one high-level language (we use Typescript and Javascript)\n\n* Knowledge of state of the art authentication standards such as OIDC\n\n* Good understanding of networking (TCP/IP) and higher-level HTTP & TLS protocols\n\n* Background in leading teams and working across functions to build secure products\n\n* Experience with IoT, embedded SW, dev tools, or balena as a user/contributor\n\n* Contributions to OSS projects and community involvement\n\n\n\n\nMake sure to let us know if any of these items apply to you! If possible, please also share a sample of your work or examples of projects (URL or attachment). \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to InfoSec and Linux jobs that are similar:\n\n
$75,000 — $120,000/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐ We hire old (and young)\n\n
# How do you apply?\n\nThis job post has been closed by the poster, which means they probably have enough applicants now. Please do not apply.
This job post is closed and the position is probably filled. Please do not apply. Work for Balena and want to re-open this job? Use the edit link in the email when you posted the job!
๐ค Closed by robot after apply link errored w/ code 404 3 years ago
\nBeing a Lead Security Engineer at balena\n\nOur users trust us to provide critical infrastructure for their distributed IoT fleets, and our engineers work hard to protect each of these devices from attacks. Our “security stack” spans from the bootloader and OS on-device, to the network and security infrastructure of our backend, to the operational security of our team.\n\nAs a Lead Security Engineer, you will learn how our complex interdependent systems are built and run. You will dig deep into diagnostics & debugging surfaces, logs, and reports to identify areas of risk and strategies to minimize vulnerabilities. You will develop and deploy security controls and concepts stretching from cloud-based apps to systems running on embedded devices, and lead initiatives to create new frameworks and roadmaps. You will influence infrastructure and product decisions and, above all, establish and promote a culture of shared responsibility for security.\n\nResponsibilities\n\n\n* Analyze weaknesses and attack patterns, and architect solutions to address them\n\n* Construct a comprehensive threat model that includes a variety of actors and security contexts\n\n* Define standards and streamline workflows for managing incidents, recovery, and vulnerability reports\n\n* Implement, tune, and enhance security auditing, monitoring, and notification systems\n\n* Perform checks to ensure our production pipeline is secure — from developer machines to servers\n\n* Design and review security-related product features, like automated vulnerability scanning and audit logs\n\n* Be a key resource for peers on support, share knowledge and mentor others on best practices\n\n\n\n\nRequirements\n\n\n* Strong technical background in software development, operations and/or information security\n\n* Experience writing high-quality code and debugging production systems\n\n* Working knowledge of Linux operating system internals\n\n* Awareness of classic and emerging threat actor tactics, techniques, and procedures in both pre- and post-exploitation phases of attack lifecycles\n\n* Ability to manage ambiguity, push through friction, and independently make critical trade-off decisions\n\n* Continuous improvement mindset and desire to make yourself and others more effective\n\n* Willingness to constantly build on your knowledge of the platform and new technologies\n\n* Excellent communication skills and fluency in English\n\n\n\n\nBonus points\n\n\n* Proficiency in at least one high-level language (we use Typescript and Javascript)\n\n* Knowledge of state of the art authentication standards such as OIDC\n\n* Good understanding of networking (TCP/IP) and higher-level HTTP & TLS protocols\n\n* Background in leading teams and working across functions to build secure products\n\n* Experience with IoT, embedded SW, dev tools, or balena as a user/contributor\n\n* Contributions to OSS projects and community involvement\n\n\n\n\nMake sure to let us know if any of these items apply to you! If possible, please also share a sample of your work or examples of projects (URL or attachment). \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to InfoSec, Engineer, Executive and Linux jobs that are similar:\n\n
$80,000 — $120,000/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐ We hire old (and young)\n\n
# How do you apply?\n\nThis job post has been closed by the poster, which means they probably have enough applicants now. Please do not apply.
This job post is closed and the position is probably filled. Please do not apply. Work for SUSE and want to re-open this job? Use the edit link in the email when you posted the job!
๐ค Closed by robot after apply link errored w/ code 404 3 years ago
\nSUSE is a growing company, with great products, a culture that fosters openness and friendship, and where many opportunities exist.\n\nProduct security is the most important building block of the global IT ecosystem.\n\nOur SUSE Security Team has over two decades of experience working on pro-active and reactive security to make our products and solutions outstanding. Using the latest technologies allows us to respond to hyped and very urgent vulnerabilities like ShellShock or BootHole. The race is still on-going and we need you to stay ahead and win.\n\nLocation: EMEA (Remote)\n\nKey Responsibilities:\n\n\n* Product security for our enterprise and community products\n\n* Security incident management, evaluation, assessment, fixing of vulnerabilities\n\n* Secure product and tools development, supporting development teams\n\n* Security testing, manual and automatic\n\n* Writing patches\n\n* Working in projects and teams\n\n* Communication with external and internal customers\n\n\n\n\nCandidate Profile:\n\n\n* An academic degree (Master/Bachelor or comparable) or IT specialist (Fachinformatiker)\n\n* Self-motivated and self-organised\n\n* Very good understanding of the Linux operating system\n\n* Programming skills in C and at least one scripting language (bash, perl, ruby, python, ...)\n\n* Experience with application security\n\n* Familiarity with basic security concepts (e.g. code analysis, binary formats, encryption)\n\n* Familiarity with security analysis tools is a bonus (e.g. IDA, gdb)\n\n* Knowledge of network security (TCP/IP, SSH, TLS/SSL) is a plus\n\n* Pronounced quality awareness, customer-oriented approach - Enthusiastic about security and improving knowledge in this area\n\n* Good communication skills and meticulous working style\n\n* Good knowledge of English\n\n\n\n\nWhat makes us different:\n\n\n* You will find and can connect to highly skilled engineers at SUSE\n\n* We provide many different products and endless opportunities to learn\n\n* We help our employees to develop\n\n* Our work environment is creative and productive\n\n* You can work with and within an international team\n\n* Our working hours are as flexible as possible\n\n* We organize regular events (hackathons, workshops, outdoor events, ...) to build up relationships and friendship within and across teams\n\n* At SUSE the opinion of the employee matters!\n\n\n\n\nIf you are successful for this position you'll have to pass pre-employment checks before joining us. The content of these checks may vary by country and position. \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to InfoSec, Engineer, C and Linux jobs that are similar:\n\n
$80,000 — $120,000/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐ We hire old (and young)\n\n
# How do you apply?\n\nThis job post has been closed by the poster, which means they probably have enough applicants now. Please do not apply.
This job post is closed and the position is probably filled. Please do not apply. Work for SpotMe and want to re-open this job? Use the edit link in the email when you posted the job!
๐ค Closed by robot after apply link errored w/ code 404 3 years ago
\nSpotMe is the leader in enterprise engagement platforms for virtual and hybrid events. Our mission is to challenge the status quo to create greater experiences for customers and employees. SpotMe is used by over 2 million users and 80 Fortune 500 brands like L’Oréal, SAP and Pfizer.\n\nThis is a new and exciting time. Virtual is the way people work, meet, and interact. With SpotMe Anywhere, we are not following trends, we are shaping them.\n\nBehind the magic stands a curious, diligent, and humble team of professionals from 30 nationalities. A team that feels a deep pride in the work they do, a team that stayed positive and quickly adapted to the new world. In 8 weeks, we shipped a new product and we have been experiencing a 15x demand since our launch. \n\nIf working with our team in shaping the future sounds like the opportunity you're looking for then let us get to know you by submitting your resume. You will be free to decide when you want to work from home, and when you come to the office. In fact, you can work from anywhere you want in Europe or the USA.\n\nIn this role, you will be providing support in maturing and optimizing information security and compliance across SpotMe global operations, and reporting directly to the CEO. \n\nResponsibilities:\n\n\n* Responsible for SpotMe’s information security programs and strategic projects to further strengthen SpotMe information security governance\n\n* Responsible for the design, implementation, review and audit of new and existing security controls\n\n* Responsible for the ISO27001 certification\n\n* Manage SpotMe’s existing security compliance and audit programs (including SOC 2 reporting, penetration testing, network & vulnerability scanning) as well as customer-initiated audits\n\n* Respond to information security and data privacy due diligence requests from customers\n\n* Conduct risk assessments with internal parties and with 3rd party vendors; monitor and support reporting on risk reduction activities; drive corrective actions to mitigate vulnerability risks\n\n* Support executive and technology management with organization, process and architecture recommendations; define the organizational security posture, best practices, mailing lists and threat intelligence feeds reviews, as well as input to security governance and policy \n\n* Conduct internal audits to ensure that compliance towards established standards is maintained\n\n* Foster a security culture with the teams and deliver annual internal training programs\n\n* Govern disaster recovery (DR) and business continuity (BC) plans and related procedures \n\n* Maintain documentation of projects, plans and actions taken towards information security \n\n* Report to executive and engineering teams on governance and policy violations \n\n\n\n\nRequired skills and experience:\n\n\n* 3+ years of experience in information security, auditing or consulting with high-growth technology businesses\n\n* Understanding of, and implementation experience with ISO 27001:2013 and AICPA SOC 2 attestation standards\n\n* Understanding of, and compliance experience with the EU General Data Protection Regulation (GDPR)\n\n* Knowledge of common vulnerability frameworks and system, application and database hardening techniques and practices \n\n* Knowledge of networking standards (Ethernet, WLAN, TCP/IP, DNS) and Linux networking tools \n\n* CISSP certification or equivalent is required\n\n* Excellent English in verbal and written communications\n\n\n\n\nYour personality:\n\n\n* Keen to deliver to the highest existing standard with an uncompromised attention to detail\n\n* Deliver on time and to specification levels\n\n* Confident, proactive, self-starter, organized\n\n* Collaborative approach to problem-solving\n\n* This is an independent role that requires a team player for implementation\n\n* Willing and able to take responsibility for his/her actions and for the team delivery\n\n* Curios and open minded\n\n* Excellent listening and communication skills, as well as willingness to help others\n\n* Possesses a solid dose of common sense\n\n\n\n\nDo you want to join us in this exciting adventure? Please do not hesitate to reach out to us. \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to InfoSec, Analyst, English and Linux jobs that are similar:\n\n
$65,000 — $120,000/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐ We hire old (and young)\n\n
# How do you apply?\n\nThis job post has been closed by the poster, which means they probably have enough applicants now. Please do not apply.
This job post is closed and the position is probably filled. Please do not apply. Work for SemanticBits and want to re-open this job? Use the edit link in the email when you posted the job!
๐ค Closed by robot after apply link errored w/ code 404 3 years ago
\nSemanticBits is looking for a Security Engineer to keep our business, users, and data safe by assuring the security of our applications and platforms. This will be a highly collaborative position, in which the right candidate works to secure existing applications and platforms, makes platform and security enhancements, and helps to scale our security program through automation, process improvement, and tool creation.\n\nThe selected candidate will be required to work on multiple products and must be able to develop and present secure solutions and advice to technical teams as well as leadership. The candidate will further be required to assess risks and advise on security standards, best practices, and solutions. All this must be done by maintaining security quality and customer satisfaction.\n\nResponsibilities:\n\n\n* Collaborating with various teams to secure new platforms/applications\n\n* Implementing platform security and framework improvements\n\n* Implementing analysis and monitoring tools\n\n* Working with engineering and QA teams to build tools and scale security in a continuous deployment environment\n\n* Assessing the security of applications, APIs, and platforms via penetration testing and code reviews\n\n* Document System Security plan and Contingency Plans for related projects\n\n\n\n\nRequired Qualifications:\n\n\n* A Bachelor's degree or higher in Computer Science, Electrical Engineering, Information Assurance, Network Security Computer Engineering or a related field, or equivalent experience\n\n* At least 5 years of experience in the following;\n\n\n\n* NIST 800-53 security controls\n\n* Penetration Testing\n\n* System Hardening (blue team)\n\n* Programming/Scripting (java, node, python, etc)\n\n* Incident Response\n\n\n\n* Strong knowledge to perform below tests:\n\n\n\n* Penetration testing\n\n\n\n* Static Analysis/Static Application Security Testing\n\n* Vulnerability Assessment/Scanning\n\n* Dynamic Analysis/Dynamic Application Security Test (DAST)\n\n* Malicious Software Analysis\n\n\n\n\n\n* Strong foundation in one or more of the following:\n\n\n\n* Data management security\n\n* Authentication\n\n* Applied cryptography\n\n* Linux security\n\n* Network & Cloud security\n\n\n\n* Advanced knowledge of Linux platforms\n\n* Advanced knowledge of application mobile security tools\n\n* Strong technical acumen securing software and hardware\n\n* Understanding of software development and working experience with any one of the higher level programming languages or scripting\n\n* Familiarity and experience with security technologies such as security engineering, security architecture, cryptography, data security, risk management, identity and access management, communication and network security, security assessment and testing, software development security, security operations\n\n* Familiarity and experience with popular open source security projects such as OWASP ZAP and Snort\n\n* Thorough understanding of issues documents in the OWASP Top Ten and CWE Top 25\n\n* Demonstrated ability to exploit and mitigate application-level vulnerabilities\n\n* Strong understanding of cryptography as applied to web application security (encryption, hashing, PKI management), including analysis and implementation\n\n* Experience using Linux/Unix at the command line for tasks related to web application development and deployment (DevOps)\n\n\n\n\nOne or more of the following certifications is preferred;\n\nOSCP, OSCE, OSWE, CISSP, GPEN, GXPN \n\nNice to Have: \n\n\n* Strong engineering background \n\n* Application architecture experience \n\n* Experience working in the healthcare industry\n\n* Federal Government contracting work experience\n\n* Prior experience working remotely full-time\n\n\n\n\nPhysical and emotional requirements for the job:\n\nThis position is to be performed remotely from an individual’s home office and involves sedentary work. Employees in this role can be expected to exert up to 10 pounds of force on occasion in order to lift, carry, push, pull or otherwise move standard electronic equipment. Employees are expected to make decisions in a timely manner and display emotional intelligence during occasional stressful situations. \n\n\n\n\n\nBenefits:\n\n\n* Generous base salary\n\n* Three weeks of PTO\n\n* Excellent health benefits program (Medical, dental and vision)\n\n* 401k retirement plan. We contribute 3% of base salary irrespective of employee's contribution\n\n* 100% paid short-term and long-term disability\n\n* 100% paid life insurance\n\n* FSA\n\n* Casual working environment\n\n* Flexible office hours\n\n* New laptop (Mac or PC - your choice)\n\n\n\n\nSemanticBits, LLC is an equal opportunity, affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or any other characteristic protected by law. We are also a veteran-friendly employer. \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to InfoSec, Engineer, Cloud, Mobile and Linux jobs that are similar:\n\n
$70,000 — $120,000/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐ We hire old (and young)\n\n
# How do you apply?\n\nThis job post has been closed by the poster, which means they probably have enough applicants now. Please do not apply.
This job post is closed and the position is probably filled. Please do not apply. Work for Platform.sh and want to re-open this job? Use the edit link in the email when you posted the job!
๐ค Closed by robot after apply link errored w/ code 404 3 years ago
\nTo reinforce our commitment to customers’ privacy and security, for its PaaS solution, Platform.sh is looking for a Security Engineer with a taste for Python and Go, excellent Linux system understanding, outstanding written English skills, experience working on PCI and/or SOC 2 compliance, and a real hunger for the challenges of building compliant distributed systems. If you’re looking for an exciting, high-growth opportunity with an award-winning, cutting-edge company, this could be the job for you.\n\nWe are targeting engineers that like writing documentation and can function in a high performing, multithreaded, 100% cloud-based, remote environment.\n\nSecurity, privacy, and compliance controls are at the heart of what we do as our mission is to simplify the cloud. The job is to transform what is often regarded as red-tape and constraints to a well-oiled machine where everything is automated and where every constraint becomes a feature making the product better.\n\nThis role reports to our Security Operations Manager, and works in close interaction with our CTO, VP of Infrastructure, VP of Engineering, our Data Protection Officer, and our Customer Support teams.\n\n\nIn a given day you might:\n\n\n* Act as a technical liaison between the Security department and our product, engineering, support, and operations staff.\n\n* Create documentation and processes in English to help satisfy compliance requirements and/or internal process questions.\n\n* Evaluate, deploy, and create systems and tools that will enhance our efficiency.\n\n* Support our data protection officer and compliance team with information requests, pen-testing coordinations, internal and external vulnerability scanning, disaster recovery, and related activities.\n\n* Execute our security incident management process.\n\n* Ensure all systems and services in our environment are securely designed, configured, managed, and monitored.\n\n* Work with external auditors to answer questions on PCI and SOC 2.\n\n* Participate in an on-call rotation, the majority of which is during normal working hours.\n\n\n\n\n\nQualifications\n\nMinimum Qualifications:\n\n\n* Experience with Linux (preferably Debian-based)\n\n* Markdown\n\n* Experience implementing PCI, SOC 2, or related\n\n* Operate largely independently (go take that hill) with management support\n\n* Able to juggle several requests at the same time\n\n* Experience securing cloud services (AWS in particular)\n\n* Sysadmin experience\n\n* Experience with git-based workflows\n\n* Proficient in Python or Golang\n\n* Experience with containerization technologies (LXC/LXD, Docker)\n\n* Working knowledge of\n\n\n\n* Patch and Vulnerability Management process\n\n* Principle of Least Privilege\n\n* Incident response\n\n* Identity and Access Management\n\n* IPTABLES\n\n* Encryption: TLS, SSH, Disk, etc.\n\n* Ticketed change control\n\n* Snapshot-based backups\n\n\n\n* CISSP, CISM, Security+, GCED, GICSP, GCIH, SSCP, or CASP+ Certification or similar\n\n* Excellent written English skills\n\n\n\n\n\nPreferred Qualifications:\n\n\n* AWS, Google, and/or Azure certifications\n\n* Experience with performing vendor security reviews\n\n* Experience with Puppet\n\n* Knowledge of Magento Ecommerce, Symfony, Drupal, eZ Platform, or Typo3\n\n* Relational database skills\n\n* Public speaking experience\n\n* Ability to speak French or German\n\n* Ability to kick ass in Chess or beat Zork without using a map\n\n* Can bravely take on new challenges like a Gryffindor, analyze problems like Ravenclaw, protects our infrastructure and client data like a Slytherin, and talks with clients like a Hufflepuff.\n\n\n\n\nSound Like a Good Fit? We’d love to talk to you! \n\n\n* This is a remote job \n\nWe are a worldwide distributed team and are looking for a candidate who can perform well working remotely. To be an effective performer here at Platform.sh, you’ll need to be able to effectively collaborate across time zones while operating with a high level of independence and autonomy. \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to InfoSec, Engineer, English, Cloud, Python and Linux jobs that are similar:\n\n
$75,000 — $120,000/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐ We hire old (and young)\n\n
# How do you apply?\n\nThis job post has been closed by the poster, which means they probably have enough applicants now. Please do not apply.
This job post is closed and the position is probably filled. Please do not apply. Work for Defiant and want to re-open this job? Use the edit link in the email when you posted the job!
๐ค Closed by robot after apply link errored w/ code 404 3 years ago
\nDefiant is a small, dynamic, fast-growing, and profitable company with loyal customers who love our products and services. We are the global leader in WordPress security, protecting over 3 million websites.\n\nWe're seeking a Security Analyst to work on a contract basis from your home office in Australia or New Zealand from approximately 9-5 AEST Monday through Friday.\n\nCompany Culture\n\nYou'll work with a talented and highly-motivated team that is friendly, fast-moving, self-managing, and highly capable with a sense of humor. Our team's family time is important; we won't typically require long hours when we can avoid it, which is almost always. Our entire team works remotely using Slack for casual interaction, so you can live practically anywhere you have a good Internet connection. There's no micro-management here—we trust that you will see tasks through to completion and communicate with your fellow team members when needed or ask for help when needed.\n\nAt Defiant, ‘trust’ is the attribute we value most highly among our team members. We need to know that you can grab a task, communicate clearly with stakeholders, and see the task to completion with superb attention to detail.\n\nWe use apps like Slack, FogBugz, GitHub, and Google Apps for our workflow.\n\nJob Description\n\nWe are looking for security analysts to join our forensics team. You will assist our customers to investigate how their site was hacked and to repair their site and remove all traces of the intrusion. In addition to this you will also collect evidence from intrusions that will help improve our threat detection. You will need to determine how the intrusion occurred and then collect all IOC’s (indicators of compromise) and share this data with our product team in a structured way.\n\nGeneral requirements:\n\n\n* You must be highly technical and be comfortable with a wide range of open source tools.\n\n* Excellent written and verbal communication skills.\n\n* You must work well in a team.\n\n* You must be nimble, be able to come up with creative solutions to challenging problems and must have a mature approach to problem solving.\n\n* Attention to detail.\n\n\n\n\n\n\n\nRequirements\n\n\nThe specific skills we require for this position are:\n\n\n* A solid understanding of regular expressions. You need to be able to write expressions on the fly to match and remove only malicious code (which is often polymorphic) without affecting any legitimate code.\n\n* At least 5 years of experience administering LAMP systems.\n\n* Ability to program in PHP and JavaScript. Other languages like Python a strong plus.\n\n* Understanding of SQL and ability to use the MySQL client.\n\n* Experience investigating hacked websites, determining how the intrusion occurred and removing the intrusion and restoring the site to a fully functional state.\n\n* An understanding of all major vulnerability types and the ability to explain them to a customer.\n\n* Ability to analyze web log files and determine how an intrusion occurred.\n\n* Must be able to use Linux shell tools like grep, find and any other utility that can assist with investigation and remediation.\n\n* Experience with WordPress required.\n\n* You must be well versed in information security and any certifications you already have in penetration testing or forensics are a strong plus.\n\n\n\n\nAll positions require a trial period of approximately 2-3 weeks with a minimum commitment of 10 hours per week. You will be paid for this short-term contract, and it will be used to evaluate whether both parties want to pursue an ongoing working relationship.\n\nAll offers are contingent on successful completion of a background check. The results of the background check are considered as they relate to the position and do not automatically disqualify someone from a offer of work with the company.\n\n\n\n\nBenefits\nFull-time telecommuting with a company that has been 100% remote for over 5 years. \n\nDiversity at Defiant\n\nWe value diversity and do not discriminate based on race, color, religion or creed, national origin or ancestry, sex, age, physical or mental disability, military or veteran status, gender identity or expression, marital status, sexual orientation, political ideology, economic status, parental status, or any other non-performance-related status.\n\nHIRING PROCESS\n\nWe have a unique process that we use when it comes to hiring our forensic and remediation team. It works as follows:\n\n* The initial step is to fill in the form provided in this application. This is very important because we look at your answers to this form before we look at any other part of your application. The way you answer our form will largely determine if your application moves on to the next step.\n\n* If approved, we will ask you to answer a set of questions to further measure your aptitude in the required skills as well as your written communication.\n\n* If you perform well on the questions, you will move on to a final phone interview via Skype.\n\n* If you are successful, you will join our fast-paced team and start contributing valuable research to Wordfence and the larger online community. All Security Analyst positions start on a paid 3 week trial contract that is available part-time (at least 15 hours per week) with flexible hours.\n\n \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to InfoSec, Analyst, PHP, Python, LAMP, Linux and Telecommuting jobs that are similar:\n\n
$75,000 — $120,000/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐ We hire old (and young)\n\n
# How do you apply?\n\nThis job post has been closed by the poster, which means they probably have enough applicants now. Please do not apply.
Frontpage
๐ Remote jobs
๐ Dark mode
๐ฉโ๐ป Hire remote workers
๐จ Post a remote job
๐ฑ Compact mode
โ๏ธ Remote work blog new
Health insurance for teams
Hacker News mode
Safe for work mode
