Security Production Engineer
Reporting to the Vice President of Production Engineering, The Security Production Engineer is responsible for playing a critical role in effectively building, maintaining and improving the security of our systems, platform, and infrastructure deployed in AWS and in On Premise security appliances. This role has the opportunity to influence and design current strategies and procedures for securing our environments. You will directly influence the application configuration, deployment process of our application and create tools to improve our processes, monitoring and application infrastructure to implement a SecDevOps approach that is integrated into the deployment pipelines, continuous, and low-friction where security cannot be a blocker.
- Develop and deploy tools and processes that for securely managing environments used by Cofense Simulator, Triage, and other SaaS and Managed Service offerings.
- Work with other security-focused engineers, production engineers, and software engineers to manage traditional systems and network security tools such as web application firewalls, DDoS service, HIDS while working to integrate security into dynamic cloud environments that leverage AWS services and Docker.
- Work across multiple production engineering and development teams to establish, enforce, and socialize security practices and procedures in the building of environments and deployment of code
- Implement, configure, and manage of security tooling for hosts and applications and cloud services
- Perform vulnerability identification and remediation including patch management for systems and networks
- Objectively assess risks based on business critical of system and data assets
- Manage and monitor AWS account security including best practices, security groups, user access
- Manage and configure of security tooling such as web application firewall, HIDS, VPNs.
- Manage of user access, roles, and permissions to critical services
- Harden systems and cloud infrastructure according to industry best practices such as CIS
- Implement security controls to address compliance requirements such as SOC2, ISO, HIPPA, and GDPR.
- Cross-team work with the various product offerings within Cofense
- Provide support to Sales Engineering in developing responses to RFP/RFQs
- Other duties as assigned
Knowledge, Skills and Abilities Required
- Solid knowledge of Enterprise security fundamentals and how they must to be adapted DevOps/Cloud Environments
- Ability to analyze security event and vulnerability findings from disparate sources (network, application, operating system, etc.) using a variety of manual and automated tools and processes
- Comfortable with a fast-moving development pace where security cannot be a blocker
- Knowledge of AWS Cloud Infrastructure (EC2, VPC, ELB, RDS) and security technology (security groups, CloudTrail, VPC Flow Logs, CloudWatch)
- Familiarity with automated configuration management such as Puppet, Chef, or Ansible
- Strong Linux (CentOS/Ubuntu) background with experience working in large AWS deployments
- A strong interest in the field of information security principles
- Docker CLI familiarity and knowledge of repositories and container management preferred
- Familiarity with Jenkins, Git, Artifactory preferred
Education and/or Experience:
- Past experience working as part of distributed, remote-first team preferred
- Experience managing and building virtual appliances preferred
- Python or Ruby development background preferred
- Experience automating tasks in AWS using CloudFormation or Terraform preferred
- Experience automating AWS tasks with Lambda Functions preferred
- Experience Non-AWS Cloud providers such Azure or GCE preferred
- Experience with Signal Sciences, JumpCloud, Jenkins, OSSEC HIDS and Zscaler preferred
The above statements are neither intended to be an all-inclusive list of the duties and responsibilities of the job described, nor are they intended to be a listing of all of the skills and abilities required to do the job. Rather, they are intended only to describe the general nature of the job. This job description is not a contract of employment, either express or implied. Employment with Cofense will be voluntarily entered into and your employment is considered at will. Cofense reserves the right to alter the job description at any time without notice.
Cofense is committed to equal employment opportunity. We will not discriminate against employees or applicants for employment on any legally recognized basis [protected class] including, but not limited to: veteran status, uniform service member status, race, color, religion, sex (including pregnancy), gender identity, sexual orientation, national origin, age, physical or mental disability, marital status, genetic information or any other status or characteristic protected by applicable national, federal, state or local laws and ordinances. We adhere to these commitments in all aspects of employment, including recruitment, hiring, training, compensation, promotion, benefits, and discipline.
Meet Some of Cofense's Employees
Mike W.Software Engineer II
Mike works with product managers and engineers to understand customer needs and incorporate them into products that will effectively defend customer data.
Back to top