Security Engineer II

Core Digital Media brands empower people to improve their financial lives every day.  We are one of the largest advertisers on the internet and tens of millions of people come to our sites each month.  We have helped many of them save thousands of dollars off of a variety of recurring expenses such as their mortgage, insurance premiums, credit card fees, etc. Our websites include LowerMyBills.com and QuickenLoans.com, and they provide our consumers with valuable content, tools, service providers and solutions as they navigate some of life's biggest financial decisions.
Core Digital Media is a proud member of the Rocket Companies family [“RKT” on NYSE] and works in close partnership with its sister companies Rocket Mortgage, Rocket Homes, Rocket Loans and Rocket Money.  These companies are all market leaders in their industries and are obsessed with helping their clients achieve the dream of homeownership and financial freedom.
Core Digital Media is committed to building and maintaining a culture of diversity, equity and inclusion, where all are welcomed and have the opportunity to flourish in their careers.
We are looking for a Security Engineer to join our technology department. The DevOps team members at Core Digital Media come from very diverse backgrounds. They are responsible for availability and performance of all consumers facing applications as well as internal systems.  The group is focused on adopting infrastructure as code across all its operations to fully tap into the power of the AWS platform. As Security Engineer, you will be building and supporting mission critical infrastructure tooling that drives our business for high availability, security, and performance.  

Responsibilities

• Build automation to upgrade systems for security compliance.
• Conduct security reviews and assessments on existing systems, identifying areas for improvements and implement security enhancements.
• Contribute towards strengthening organization’s security posture.
• Develop and implement automation for security operations and vulnerability remediation.
• Help build security testing as part of CI/CD pipelines.
• Safeguards information system assets by identifying and solving potential and actual security problems.
• Monitor internal and external systems for security threats and respond to alerts.
• Protects system by defining access privileges, control structures, and resources.
• Implements security improvements by assessing current situation; evaluating trends; anticipating requirements.
• Determines security violations and inefficiencies by conducting periodic audits.
• Ability to analyze security events from WAF and SEIM and take actions to mitigate risks.
• Participate in security review for architecture design and infrastructure changes.
• Contribute towards improving security for Windows Systems.

Requirements

• Solid understanding of Unix/Linux operating systems
• Experience with Windows operating systems, Windows Server, MS Exchange, Active Directory, and Microsoft office 365 is a plus.
• Security first mindset.
• Good knowledge of cloud security principles and solutions.
• Have technical proficiencies and familiarity in DevOps culture and keen interest in cybersecurity and up-to-date knowledge of threats and trends.
• Experience in scripting languages like Python, Perl, or Bash for automation tasks.
• Experience with infrastructure as code using Terraform.
• Experience in AWS Cloud security, operations and IAM roles and policies.
• AWS Security Certification is a plus.
• Experience in integrating Single Sign-on solution such as OKTA is a plus.
• Experience with many tools and techniques like risk assessment, threat modeling, and cybersecurity to detect and analyze the threats.
• Experience developing dashboards and writing custom queries in Splunk.
• Knowledge of architecture, engineering, and operations of the Splunk enterprise SIEM platform is a plus.
• Hands-on experience analyzing high volumes of logs, network data and other attack.
• Bachelor’s degree in computer science, Information Systems, or equivalent education or work experience
• 4+ years of prior relevant experience
• Commitment to a hybrid work environment (2 days per week in our Los Angeles office)

Core Digital Media an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.
Core Digital Media is committed to diversity, equity and inclusion and the principle of equal employment opportunity for all employees. CDM provides employees with a work environment free of discrimination and harassment.