Staff Cloud Security Engineer
New York or Remote
Your mission? Ensure that our environment and customer content remain secure in the cloud. Our mission? Hire you.
Frame.io is changing the future of how videos are made by helping over 1 million creative professionals seamlessly collaborate from all over the world.
We’re backed by Accel, FirstMark, Insight Partners, SignalFire, Jared Leto, and a host of other amazing investors. Our market-leading product is used and loved by companies such as Disney, NASA, Snapchat, BBC, BuzzFeed, TED, Adobe, Udemy, and many more.
We’re in an exciting period of growth and are on the hunt for talented and passionate individuals who share our vision for helping visual content creators produce their best work.
About the Role
As a Senior member of the security team at Frame.io, you will have the opportunity to shape the security of our cloud infrastructure. You will research the latest threats on cloud infrastructure, Kubernetes, Containers and develop methods and controls to prevent, detect, and respond to attacks to keep them secure. Your mission will be to ensure that the Frame.io environment and customer content remain secure in the cloud.
You'll work across many teams including infrastructure, engineering, product, and across multiple streams including infrastructure security, security operations, and incident response. We’re looking for someone that has deep technical expertise and experience to join a fast-paced, growing team of security engineers tackling challenging problems at scale.
- 7+ years of experience working and securing AWS and its services such as EC2, Lambda, ELB, ECS, IAM, S3, RDS, CloudTrail, CloudFront, AWS Config, etc.
- Strong experience in security automation and tool development to secure the cloud
- Experience and knowledge of building security data analysis pipelines in the cloud using AWS Kinesis Firehose/AWS Lambda/AWS ElasticSearch
- Extensive experience in security operations and threat detection in the cloud before they cause material damage to the business. In the event an alert is identified as a security incident, you will kick off Incident Response.
- Extensive experience in incident response in the cloud. Incident response includes but is not limited to log analysis, memory and disk forensics, reverse engineering, network containment, threat eradication and postmortems. You will also develop and refine processes, plans and procedures and partner closely with other stakeholders across the business.
- Experience in docker containers and Kubernetes security such as pod-security policy, network security policy.
- Experience in developing infrastructure-as-a-code using Terraform, CloudFormation, CI/CD, GitHub.
- Experience in working with various AWS logs such VPC Flowlog, CloudTrail, S3, Route53, Elb, CloudFront, WAF, etc.
- Experience in one or more programming languages (Python, Node.js, Go, Elixir) and shell scripting
- Experience in patch management, container scanning, and vulnerability scanning in the cloud.
- Experience in memory analysis, forensic, and network analysis tools such as Wireshark, TCPDump, and Scapy.
- Multi-cloud experience is a plus.
- As a strong hands-on person in the team, you will write code to perform security automation and tool development to improve the security of Frame.io infrastructure.
- Create an effective set of controls for all of our AWS infrastructure.
- Design and develop controls on all aspects of the security lifecycle -- protect, detect, contain, respond, and recover.
- Always be identifying newer and more secure ways to access and protect assets.
- Analyze and secure computing clusters such as Kubernetes and ECS.
- Analyze the threats detected by the threat intelligence system and tools in the cloud before they cause material damage to the business. In the event an alert is identified as a security incident, you will kick off the incident response.
- Provide technical and security expertise throughout the incident; then, implement any improvements assigned to Cloud Security. Incident response process includes log analysis, memory and disk forensics, reverse engineering, network containment, threat eradication and postmortems.
- Work closely with engineering teams while developing your controls and talk about the usefulness of those controls.
- Develop and update relevant documentation, including security runbooks, specifications and diagrams.
- Be part of an on-call rotation.
- Be able to measure and prove the effectiveness of your control to auditors as needed.
- Competitive salary and equity
- Paid parental leave for primary or secondary caregivers
- Unlimited PTO and designated Volunteering paid time off
- Work From Anywhere Week
- Yearly stipend for learning and development
- Medical, Dental, Vision Insurance and OneMedical membership
- Pre-tax commuter benefit and Flexible Spending Account
- Daily catered lunch & fully stocked kitchen with cold brew on tap
- Discounted gym membership, Classpass discount and Free Citi-Bike membership
Our philosophy is simple. At Frame.io, we believe that working with people of different backgrounds and perspectives allows us to elevate each other and helps us build a better product for our users.
We’re proud to be an equal opportunity employer, and are committed to providing all employees with a work environment that celebrates individuality and remains free from any form of discrimination and harassment. We base our employment decisions on the needs of our business, job requirements, and applicants' qualifications. In other words, we only care that you’re the best person for the job.