Senior Cloud Security Engineer at Submittable

Posted on: 06/14/2022

Location: (REMOTE)

full time

Original Source

Tags: vpc yaml gcp azure github aws docker javascript cloudformation net bash python terraform kubernetes

Submittable is seeking a **Senior** **Cloud Security Engineer** to bring our systems to the next level of security, availability, and durability. You’ll recommend and implement changes across our environments, evaluate new technologies, respond to production issues that arise, be challenged with complex problems to solve, and contribute to our technological direction. The position is a full-time individual contributor role and reports to the Engineering Manager for Infrastructure. #### **The Senior Cloud Security Engineer responsibilities include:** * Provide leadership in the areas of Vulnerability Management, DAST (Dynamic Application Security Testing), Application Security, Information Security, Data Analysis of security monitoring outputs, coordination of remediation patching, working with Development Teams and other Security and Compliance efforts * Support day-to-day security operations, security tool integration, and automation * Assist in defining security requirements and review of system to determine if they have been designed to comply with established security standards * Design, engineer, operationalize and maintain the secure systems which support continuous deployment/integration solutions with strong focus towards innovation * Analyze software design documents from a security standpoint and perform threat assessment for the developed cloud-native platform * Identify, integrate, monitor and improve security controls by understanding business processes * Implement secure software development measures into CI/CD pipelines in collaboration with development teams * Conduct regular Vulnerability Assessments and Penetration Tests * Support External/Internal Audits and security assessment requests * Help remediate the findings and implement improvement measures * Scheduled maintenance activities to keep the infrastructure components robust with latest patches and updated versions of software running in the infrastructure stack * Evaluate, select, implement and maintain security tools, infrastructure, and automation * Advise teams on developing pragmatic solutions that achieve business requirements to maintain acceptable levels of risk * Manage the security bug backlog with development teams * Perform other job-related duties as requested * Participate in the on-call rotation * Attend post mortems and contribute to identifying root causes * Troubleshoot complex issues #### **An ideal candidate will have these qualities and experience:** * Bachelor's degree in Information Security, computer science, business, or a related field, or equivalent in experience and expertise * 5+ years of software engineering experience * 2+ years in an information security or cloud security engineering role * Experience working with DevOps, Engineering and Compliance teams in a dynamic and collaborative environment to promote and implement the SecDevOps program throughout the organization * Experience with CI/CD and developing tools * Must be able to work with technologies including: AWS, Azure, Git, GitHub Actions, Kubernetes, Docker, AWS CDK/SDK/API, CloudFormation, Terraform, Python, .NET, JavaScript, Bash, YAML, DAST * Strong understanding of cloud networking (DNS, SSL, Virtual Networks, VPC, VPN, Routing, Peering, NATs, Firewalls) * Experience with variety of operating systems and Cloud Data Platforms (AWS, Azure, GCP) * Excellent analytical, interpersonal and English communication skills both oral and written * Has a love of learning * Proactive sense of urgency and 'can do' attitude * Ability to convey and explain complex technical information to non-technical staff * **We are interested in every qualified candidate who is eligible to work in the United States. However, we currently do not sponsor H-1B visas** **About Submittable** Submittable is on a mission to empower social good organizations with technology that accelerates their work and scales their impact. We partnered with thousands of organizations, governments, and corporations last year to launch 10,000+ programs, process over 4 million applications, and distribute $2.5 billion in funding and aid. Grow your career at an Inc. 5000 fastest-growing company, while having a positive impact on people globally. Submittable has its headquarters in downtown Missoula, Montana, with a satellite office in Seattle, Washington and remote employees located around the U.S. We offer highly-competitive benefits for full-time employees, including: * Health insurance, 401K, life insurance, and optional HSA, FSA, and DCA accounts * Flexible hours, including flexible vacations and sick leave, and remote work options * Generous paid parental leave policy for mothers, fathers, and adoptive parents * Discounted fitness memberships, professional development stipends, and book purchase reimbursement * Involvement in community outreach programs for all employees, including company volunteer outings at local nonprofits * Fully-stocked kitchens with complimentary snacks and beverages for all employees As a product used globally, we're very motivated to hire and support employees who are representative of different and diverse backgrounds and experiences, including but not limited to diversity of ethnicity, sexual orientation, gender, religion, ability, culture, and socioeconomics.