The Information Security team is looking for an experienced Senior Security Engineer to assist with the execution and continued development of the information security program.  

The Senior Security Engineer will be responsible for improving tools and processes, automating routine tasks, improving system reliability, and providing engineering support for day-to-day security operations.  The candidate will report to the Director of Information Security, work cross-functionally, and support personnel on technical and non-technical security risks. 

Primary Responsibilities:

• Build, secure, and maintain the overall security for cloud environments, such as AWS


• Integrate security automation and scripting tools (Terraform, Ansible, etc.) to support security infrastructure, maintenance, and configuration management.


• Support cross-functional teams to securely build infrastructure-as-code early in the continuous integration/continuous delivery (CI/CD) pipeline; shift-left security. 


• Manage security alerts, participate in on-call rotation, respond to security incidents, lead technical investigations, and perform evidence acquisition. 


• Conduct security assessments, oversee vulnerability management, manage penetration tests, and provide remediation guidance for timely mitigation of application and system weaknesses.


• Perform SIEM monitoring and analysis of system, application, and user exploitation attempts.


• Respond to compliance requests by collecting, analyzing, and interpreting audit evidence.


• Perform technical security reviews for new product and technology implementations.


• Stay up to date with the latest security developments and security trends to continually improve internal processes.

Qualifications: 

• 5 - 10 years experience working in security engineering and operations roles.


• 3 - 5 years experience working with containers and Kubernetes/EKS environments.


• Possess the ability to contribute application code to automate security operations tasks using Terraform and Ansible.


• Experience with branching strategies in Git and experience creating jobs and pipelines in CI/CD tools.


• Extensive experience with scripting languages (Python, Bash).


• Extensive experience in regulated environments subject to security governance and compliance frameworks such as PCI-DSS, SOC 2, Sarbanes-Oxley, and Fedramp.


• Experience working with Cloud Service Provider platforms such as AWS and the tools used to manage day-to-day activities.


• Experience with security automation & scripting, Vulnerability Management tools, Single Sign-on (SSO) solutions, Security Information and Event Management (SIEM) systems, Enterprise Detection & Response (EDR/NGAV) solutions, WAF/IDS/IPS/Firewall systems, Incident Response and Forensics, Application Security & Penetration Testing, and SDLC concepts.


• Knowledge of common network and security concepts and protocols (zero-trust, SSH, encryption, Identity and Access Management, segmentation, defense-in-depth, security architecture, etc.)

Preferred:

• College Degree and ISC2, ISACA, GIAC, or other relevant industry certifications, or equivalent work experience


• Operational security experience in a Software-As-A-Service and/or education-focused organization

We are proud to be recognised for our world-class employee experience:

Certified Best Place to Work: US

#5 Best Mid-sized Workplace in Ireland

Best Workplaces in Tech™ in 2022 in Ireland

A Best Workplace for Women in Ireland

Fortune: Change the World Company