Responsible for the security of CallRail’s internal network and cloud assets. This is a hands-on position requiring the individual to have expert-level experience in the deployment, management, and maintenance of Cisco network technologies and enforcement of security requirements for cloud-based applications and supporting infrastructure in AWS.
The successful candidate will have excellent knowledge and experience in security best practices, vulnerability management, and incident response. The goal is to ensure the security, privacy, integrity, and high availability of the network and cloud assets to provide maximum performance for the user community. This position reports directly to the head of security with a strong dotted line to the DevOps team.What You'll Do
- Lead cloud infrastructure vulnerability management and perform hands-on remediation efforts.
- Lead application vulnerability management (SAST, DAST, OSS, and License compliance) and assist in remediation efforts. As well as taking ownership of CallRail’s bug bounty program.
- Lead and implement cloud security best practices.
- Lead in establishing, implementing, and enforcing enterprise network and telephony technologies, standards, practices, and policies. Ensure regular maintenance and usability of the internal network including but not limited to access points, switches, firewalls, and VPN.
- Serve as the subject matter expert between IT security and engineering team
- 10+ years of experience with networking, permissions, security, and telephony technologies
- 10+ years of experience with systems like firewalls, routers, load balancers, APs, and switches
- 5+ years of experience in cloud security (AWS)
- Strong understanding of security concepts, including threat modeling, risk assessment, and vulnerability management.
- Knowledge of the SDLC and experience integrating security best practices at every process stage. Must have practical experience implementing OWASP Top 10 for Saas
- Strong understanding of cloud security principles within AWS, including secure architecture design and configuration management.
- Knowledge of container security principles, such as Docker and Kubernetes.
- Experience with DevOps practices, such as continuous integration and delivery (CI/CD) and infrastructure as code (IaC).
- Experience running Bug Bounty programs, including the ability to reproduce findings, ability to determine risk, and develop remediation plans.
- Familiarity with compliance frameworks and regulations, such as HIPAA and GDPR.
- Strong problem-solving skills, including analyzing complex security issues and developing and implementing effective solutions.
- Effective communication skills, including working collaboratively with cross-functional teams and communicating with security researchers.
- Strong project-management skills, including identifying goals for a team, defining a project plan, and working with stakeholders to achieve results.
- A passion for continuous learning and keeping up with the latest security trends and technologies.
- Healthcare (one option covered at 100% for employees), Dental & Vision Coverage
- Competitive HSA with company matching
- Paid parental leave
- Flexible vacation policy
- 401K options with company dollar-for-dollar match
- Employee stock options available from day one
- $2,000 annual educational allowance
- Catered lunch every Tuesday * an in-office perk
- MARTA transportation or office parking expenses covered
- Employee charitable donation company match, up to $500 annually
- Regular company outings and events *yes, even during COVID, except virtually
- Remote work from home options with $500 office stipend to set up your home office
- Designated bike storage
Learn more: https://www.callrail.com/about/
You Are Welcome Here
CallRail understands that valuing diverse creative practices and forms of knowledge are crucial to and enrich the company's core mission. We encourage applications from everyone, including members of all equity-seeking communities, such as (but certainly not limited to) women, racialized and Indigenous persons, persons with disabilities, and persons of all sexual orientations and gender identities and expressions. In your application, please feel free to note which pronouns you use (For example - she/her/hers, he/him/his, they/them/theirs, etc).