Listing Description
About the Opportunity:
At Angi, security is tightly woven into product and infrastructure development. We challenge our teams to build systems that are secure-by-default and to protect our users’ most sensitive data. You will be joining a team of engineers who will champion security initiatives throughout the organization. You will be building tools to make secure-by-default easy. You will be conducting regular audits/tests to identify risks and prioritizing fixes for the identified risks. You will continue to raise the bar to make our systems secure.
What you will do:
- Implement security best practices in our cloud and on-premise IT environment following industry standards / recommendations.
- Identify vulnerabilities / missing patches across all physical servers, virtual servers, end user workstations, containers, etc. and ensure they are prioritized for remediation.
- Implement runtime security measures for our container environments.
- Ensure relevant audit and security logs are collected to a central location and exposed to the correct teams for triage, analysis, and incident response.
- Work with auditors and compliance teams to meet required policies and collect required evidence.
- Work with IT / Engineering teams to ensure admin rights are not needed on end user workstations for every day tasks and to ultimately trim down the number of users that have admin rights.
- Ensure all endpoints throughout the organization are configured with security settings that align with industry standards and that they have the relevant security tools (MDM, EDR, etc.) installed.
- Implement zero trust principles throughout the infrastructure that facilitates a BYOD model for certain use cases.
- Enhance incident response playbooks and leverage automation using SOAR products where possible.
- Actively participate in the design and implementation of applications, services, and infrastructure to ensure security and privacy design principles are being followed.
- Actively participate in all facets of the incident response lifecycle
Who you are:
- You have a BS or an MS in Computer Science, Computer Engineering, Cyber Security, or a related field
- You have 4+ years of experience working on a security team supporting product/engineering functions, cloud infrastructure, and corporate infrastructure development
- You have experience in AWS specifically with one or more of the following AWS services: GuardDuty, Config, WAF, Shield, Macie, CloudTrail, SecurityHub.
- You have in-depth knowledge of security threats, applied cryptography, and risk assessments
- You have software engineering experience and an engineering mindset for building reliable and maintainable security infrastructure to support a large organization with CI/CD software engineering practices
- You have experience working with product development teams to empower them on advancing security initiatives
- You have experience defining and implementing internal practices and controls for PCI and SOX/ITGC information security compliance standards
- Willingness to learn and apply new skills and technologies
- Knowledge of Kubernetes or container technologies preferred
Compensation & Benefits
- The salary band for this position ranges from $160,000 - $210,000 annually, commensurate with experience and performance. Compensation may vary based on factors such as cost of living.
- This position will be eligible for a competitive year end performance bonus & equity package
- Full medical, dental, vision package to fit your needs
- Flexible vacation policy; work hard and take time when you need it
- Pet discount plans & retirement plan with company match (401K)
- The rare opportunity to work with sharp, motivated teammates solving some of the most unique challenges and changing the world
#LI-Remote
#BI-Remote
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided