Security Engineer (CPE) - Symantec
You are passionate about technology and security, have formed your own opinions about which technologies are better suited to different problems and why they are better, but remain flexible and open to alternative technologies and approaches. You recognize that effective security requires a nuanced approach to balancing security, business needs and human factors. You thrive on fresh ideas and are comfortable in a dynamic, changing environment.
The role of Cloud Platform Engineering (CPE) Security Engineer is to maintain the security of our multi-tenant, data-intensive, Hybrid Cloud, covering everything from network configurations to the run-time complexities of securing containerized workloads dependent on dynamically discovered micro-services.
Your Day-to-Day Functions:
- You’ll effectively advocate for security engineering within the CPE team by teaching sound security engineering practices, which may include producing code samples and test methods; reviewing test plans and code analysis metrics of our teams; designing and implementing connections between vulnerability scan results and corrective actions.
- You’ll develop/deploy and operate best-of-class tools to detect security threats and incidents; respond to detected threats by driving the quick mitigation of such issues by the larger engineering team; work with security experts within Symantec to characterize and propagate knowledge of these threats to our product teams and customer base.
- You’ll work with operations and development staff to strike a sound business balance in our security policies between agility, productivity and convenience on one hand, and the confidentiality, integrity and availability of customer data on the other.
- Periodically you will evaluate the effectiveness of our security controls through penetration testing and other forms of threat modeling, log analysis, incident Pareto charts and other methods.
What Success Looks Like:
- After 3 months, you will have acquired a deep understanding of how our Hybrid Cloud platform and services operate to provide applications with a secure, available and easy-to-use run-time environment. You will have created and updated architectural diagrams and deployment models to reflect the “as-built” reality instead of the “as-designed” intention. You will be comfortable navigating the flow of confidential data across multiple platforms, through multiple services and past our security control and monitoring points.
- After 12 months, you’ll be collaborating with Symantec’s enterprise security experts to share with them your learnings about the novel threats you’ve seen and the steps you’ve taken to secure the Hybrid Cloud, as well as providing feedback to our enterprise security product teams. You’ll be conversant with the controls required for our cloud to meet common certification requirements.
- Passionate about data security with a strong desire to learn more from the industry’s leading experts about Hybrid Cloud security issues, cryptography, threat modeling, penetration testing, and secure software development.
- Recent experience securing production workloads in public clouds (AWS, Google, Azure, other)
- Recent experience implementing federated IAM (e.g., RBAC, SSO, SAML, Shibboleth, Kerberos) with deep understanding of authz/authn problems and solutions.
- Professional experience developing applications using mainstream OO technologies (Go, C++ or Java)
- Excellent interpersonal skills and ability to work in cross-functional, global environment
- BSEE or equivalent, or equivalent practical experience
- Current security certification (e.g., CISSP, CEH, CISA, CISM, SECURITY+, OSCP, CCSK/CCSP)
- Detailed knowledge of networking, storage and computing protocols and technologies.
- Recent experience evaluating tools (AFW, IDS/IPS, DLP, pen testing, static code analysis)
- Recent experience writing operational scripts in one of Ruby, Python or Perl
- Familiarity with modern configuration mgmt tools (e.g., Puppet, Ansible, Chef or Salt)
- Familiarity with cloud orchestration tools (e.g., CloudFormation, Scalr, CloudFoundry)
- Familiarity with security technologies available in AWS, GCE, Azure and OpenStack
- Familiarity with logging and monitoring concepts and technologies (ELK or Splunk)
- Familiarity with the principles of encryption, server certificates, and key management
- Familiarity with tools for investigating network performance and connectivity