Senior Security Engineer - Infrastructure
Wasabi Technologies
Other Engineering
Boston, MA, USA
Posted on Wednesday, December 13, 2023
At Wasabi, we’re a proven collection of pioneers, visionaries and disruptive doers. We see things differently than our competitors, and we make our mark in the industry by challenging the norm and delivering the unexpected and improbable. We’re a fast-growing company taking the Cloud Storage industry by storm and recognized as one of the best places to work in Boston.
Wasabi hot cloud storage is a new class and category of cloud storage, breaking all traditional barriers and boundaries of storage with a disruptive value proposition of being 1/5th the cost of AWS S3, faster than the competition, with no fees for egress or API request and delivered as a single-tier solution. Cloud storage has never been so simple, so fast and so inexpensive. It’s all part of our vision to make cloud storage the next great global utility, just like electricity.
Role Description: Senior Security Engineer - Infrastructure
Role Background:
As a Senior Security Engineer at Wasabi Technologies, you'll play a crucial role in safeguarding our cloud storage platform, enhancing our security practices from development through production across our global data centers. Your responsibilities will include evaluating, deploying, configuring, and maintaining components of our security infrastructure. You'll collaborate closely with our development and operations teams to ensure the security of our systems and deployment pipelines.
At Wasabi, you'll contribute to building and maintaining our entire infrastructure, from rack space and power to networking, Kubernetes clusters, and workloads. Your expertise in cloud security with AWS, Azure, or Google Cloud is highly valuable and will be essential in tackling new challenges ahead.
*Principals Only. No Recruiters.
Responsibilities:
- Managing and maintaining container security solutions and infrastructure, which includes tasks such as image scanning, static analysis, dependency analysis, and other components within Continuous Integration pipelines.
- The candidate will develop, implement, identify, integrate, and maintain security controls automation and security operations. Additionally, you’ll collaborate with business and technology partners to define the least privileged roles in applications and systems.
- Overseeing, maintaining, and enhancing vulnerability management systems using a mix of internal tools and third-party resources.
- Work closely with the security team to assess, prioritize, and address vulnerabilities in Linux and application ecosystems, including those related to Go and JavaScript. Also, tools like Terraform, Ansible, Python, and Go can be used to create and deploy new services. It’s a collaborative effort with other security professionals and DevOps engineers to develop and implement effective security strategies.
- Sustaining and elevating our SIEM platform for improved efficacy and efficiency.
- Staying abreast of emerging security threats and trends to ensure up-to-date knowledge.
Requirements:
- 5+ years DevOps tool expertise and industry best practices. Regulatory background preferred (FedRAMP, DoD, HIPAA).
- 5+ years of experience with security technologies and products such as firewalls, intrusion detection/prevention systems, endpoint protection, vulnerability scanners, Kubernetes security, and infrastructure security. Practical experience in Linux fundamentals, system administration, package management, proficiency with security tools, and hands-on TCP/IP networking expertise.
- Hands-on experience managing and integrating with an identity provider (we use Okta) and HashiCorp Vault.
- Implementing IAM systems involves automating user privilege attestation and gaining experience with cloud platforms such as AWS, GCP, or Azure.
- Relevant security certifications (CISSP, CKS, GIAC)are not required but would be strong positives.
Wasabi Technologies is an Equal Opportunity Employer. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws.