Listing Description

Description of Duties

Within the IT Ops Security Engineering role, you will be responsible for connecting the day-to-day and long term initiatives between the IT Operations and Security groups here at Grafana Labs, in support of building an enabling, collaborative security culture. 

You will be tasked with informing, planning and implementing the foundation of various business critical IT security strategies. Projects running the gamut of automation to access control to MDM policy to hardware token roll-outs to endpoint security are some of the challenging project backlog items you can expect to dive into beginning on your first day.

You will collaborate closely with Grafana’s Security group to identify, design and implement policy changes, push improvements, report vulnerabilities, propose resolutions, audit internal applications, and much more.

We are a modern, startup/scaleout and cloud-native organization, so you should be able to bring ideas and approaches that align to this.

In essence, you will be the vigilant eyes over Grafana’s corporate IT platforms and infrastructure and the curator of IT experiences that combine sufficient security with a great user experience - continually intent to improve our security stature while working through our planned on-going efforts.

For an idea of the kind of security culture and approach we’re trying to build, check out this blogpost.

Key Responsibilities

• Roll-out and coordinate any IT Ops security related projects which include, but not limited to, endpoint security programs, hardware tokens, etc. 


• Be the bridge between IT Operations and Security to ensure alignment, coordination and implementation of cross-functional projects, communication, working groups and more.  


• Stay up to date with industry best practices, technologies, trends, zero day notices, alerts, etc. and provide feedback to key stakeholders, determine if there is any impact internally and if required, develop plans to best prevent and remediate any potential issues or threats.


• Work closely with Security to develop policies for endpoint and corporate application/tool protection.


• Act as primary POC and triage partner to represent IT Ops in the event of any declared security incident. 


• Monitor and action various security related portals and automated alerting across IT Ops.


• Build installation packages for various security software required to be installed on endpoints.


• Be the escalation point to troubleshoot user issues with package installations.


• Build visual data flows to document how systems interact with each other and what data is shared.


• Develop and enforce access groups across multiple applications and platforms.


• Audit user access across systems and tools, ideally automating this process. 


• Act as POC for IT Ops during security audits (SOC 2, ISO27001, etc) 


• Review internal processes and provide feedback to harden the process overall.


• Create and update all documentation for systems, processes and tools related to IT Operations Security. 


• Partner with Procurement and Infosec to provide insight into IT Security requirements from current and future vendors.


• Use Grafana itself to implement dashboards for IT Security Operations specific metrics.


• Create and maintain IT Security Operations documentation, FAQs, and solutions. 


• Engages in research and in-depth troubleshooting to resolve technical and security related IT issues.

Requirements

• Familiarity with tools like osquery, ossec, sysdig and similar tools 


• 3+ years experience working with endpoint security (EDR and Antivirus) such as Crowdstrike, Sophos or similar technologies.


• 5+ years experience with Windows 10, MacOS and Linux Operating Systems.


• 3+ years experience with SSO and SAML technologies utilizing Okta, Google, or other IDP vendors.


• 3+ years experience with Mobile Device Management (MDM) tools such as JAMF, Workspace One or similar technologies


• Understanding of Identity and Access Management across the different Cloud providers (GCP, AWS and Azure) 


• Strong understanding of disk encryption across MacOS, Windows and Linux.


• Strong understanding of multiple directory services (LDAP, Azure AD, etc)


• 3+ years experience with scripting and automation.


• Experience with security standards and frameworks such as SOC 2 and ISO27001 (including audits)

What you’ll bring to the role

• Strong verbal and written communications skills with the ability to effectively communicate with all levels of employees and provide support globally


• A strong IT Security mindset


• Experience working in a “remote first” environment


• Empathetic and collaborative


• Strong work ethic


• Experience working well in both a team environment and independently


• Inquisitive demeanor with willingness to learn new technologies and responsibilities