Security Engineer

Granicus is the leading provider of citizen engagement technologies and services for the public sector, bringing governments closer to the people they serve with the first-and-only Civic Engagement Platform. Granicus works with more than 5,500 government organizations and connects more than 280 million people in the largest Citizen Subscriber Network of its kind.
Granicus provides technology and services that empowers government organizations to create seamless digital experiences for the people they serve. By offering the industry’s leading cloud-based solutions for communications, content management, meeting and agenda management, and digital services to over 4,000 public sector organizations, Granicus helps turn government missions into quantifiable realities.Granicus is looking to expand its security engineering program and is looking for someone to provide expertise to protect the confidentiality, integrity, and availability of the organization. If you’re a self-starter who wants to help automate security processes, improve the utilization of tooling, assist in building secure cloud-based environments, and work with other technology teams to build a secure environment, then we want to hear from you. Our core beliefs are building trust within the organization as well as with our clients, building strong intergroup relationships, evolving knowledge, and always being on the lookout for ways to improve.
What you will be doing:§  Ensure that new cloud architectures are secure, scalable, and compliant§  Use APIs to automate processes and tie tools together (e.g. pull data from a CSPM into a SIEM, pull assets from a CMDB into a scanner, and integrate alerts into Slack automations)§  Review and provide security feedback on technical projects and during audits§  Research new security technology trends that can be used to reduce exposure§  Manage the lifecycle of organizational security tools§  Help technical teams determine application risks related to privileged access on endpoints§  Work with IT to control egress traffic from employee laptops§  Work with cross functional teams as a security representative during incidents§  Review proposed changes for potential security issues§  Participate in an on-call rotation to ensure 24x7 escalation support for incidents§  Ensure the confidentiality, integrity, and availability of information assets
Some things we’d like you to know (you don’t have to have them all):
§  A passion to figure out the who, what, when, and why of a situation with 5+ years of experience.§  Direct experience in the specific technical areas of systems administration, application development, database administration, network operations, or data center operations§  The ability to continuously learn new methods and technologies and identify gaps that should be addressed§  Best practices around cloud security architecture§  Experience in a common scripting language like Python, Powershell, etc§  Ample experience operating with cloud platforms, APIs, and event-driven automation§  Running a vulnerability management process using common technologies like Nessus §  Understanding of Infrastructure as a Service (IaaS) cloud platforms, such as IAM, compute (EC2), networking (VPC, Load Balancers), serverless (Lamda), and Containers (EKS), in order to identify and prioritize potential security challenges§  Understanding of containerization (Docker, Kubernetes) and best practices to secure configuration and workloads§  Works with CI/CD best practices and is comfortable with technologies such as git, Jenkins, terraform, and ansible§  Familiarity with IDS/IPS, SIEM, DLP, firewalls, vulnerability management systems, and endpoint security products, including management and configuration of the tools§  Ability to write technical Standard Operating Procedures (SOPs) and train team members
What’s in it for you?·        Helping people engage with government and get things done in a more efficient manner·        A flexible, “work from anywhere” mentality·        Flexible time off that’s not limited by accruals·        The use of cutting edge technology·        Working with collaborative teams that want to make the world a better place