Senior/Staff Infrastructure Security Engineer
Toronto, Ontario, Canada
Ripple
Ripple is the leading provider of crypto solutions for businesses. Learn how we’re helping organizations of all sizes drive impact with the power of crypto.Through our blockchain technology and rapidly growing network of financial institutions, Ripple is improving the global financial system and increasing economic inclusion for more people, in more places around the world. Ripple is looking for passionate Information Security professionals to build a world class Information Security program. As part of the Information Security team, you will help us achieve this mission by actively working to protect our staff, company, and the larger crypto communities we engage with.
Our Security Engineering team is growing, helping Rippler’s design, build, and use on-premise and cloud infrastructure securely at scale. Infrastructure Security Engineers work on a broad set of efforts focusing on scaling and automating security infrastructure and processes. This team works closely with Ripple’s IT organization and Cloud Engineering and Operations teams to ensure we are building securely to protect our business and our customers. In this role you may find yourself working to enforce perimeters to protect all of Ripple’s environments, strategizing IAM solutions, detecting vulnerabilities and ensuring patching processes, assessing and securing public cloud infrastructure, and more. You will also support, develop and deploy tools and services to support a secure infrastructure. All with the intention of influencing policy to simplify user experience and keep Ripple secure.
WHAT YOU’LL DO:
- Partnering and consulting with colleagues on remediation design and solutioning
- Continuous improvement of relevant security systems and services
- Analyze complex security issues to improve the overall posture of the firm by evaluating new functionalities and ensure preparation for production implementation
- Responsible for providing all levels of support for tactical and strategic related issues related to information security systems and services
- Collaborate with product owners and engineering teams to ensure smooth transition of the Vulnerability Management technologies into production and ensure maximum visibility into a variety of environments
- Work closely with engineering to identify opportunities for automation eliminating manual operational toil and improving quality
- Maintaining security hardening configurations and guidance for the diverse set of service available across AWS, GPC and other public cloud providers
- Responsible for maintaining current versions of functionalities and technologies in production by effecting change management processes
- Proactively participate in compliance support activities such as trainings, audit prep, playbook authoring and ensure business as usual (BAU) activities are completed accurately and artifacts are produced as required
WHAT WE’RE LOOKING FOR:
- 5+ years of industry experience securing public cloud services and the devops deployment process
- Strong devops skill set to support collaboration of team scripting and development activities, to include knowledge of Python, git, artifactory and how to leverage them
- Strong knowledge of course networking components and a history of executing network security
- Familiarity with the CIS benchmarks and how to monitor and remidiate deficiencies
- Experience in Cloud Computing like AWS, GCP with emphasis on Cloud Baseline management tools like Lacework
- Experience in Information Security frameworks and best practices for Vulnerability management, Risk Analysis, Reporting Metrics and Assessments
- Problem solving skills to resolve problems effectively and creatively while maintaining a high level of flexibility, professionalism, and integrity
- Highly innovative with creative contributions to asset discovery and real world risk assessments
- Seeks feedback from others, provides feedback to others in support of their development, and is open and honest while dealing constructively with criticism
- Effectively manages tasks and people, taking a practical approach to determine the most effective method of execution while respecting others’ expertise and considering others’ feelings and working styles
- Values individuals and embraces diversity by integrating differences and promoting diversity and inclusion across teams and functions
- Understands and anticipates people's needs, skills, and abilities, to coach, motivate and empower them for success
- Nce to have infosec certifications: CISSP, CEH, CISA, CRISC
- Nice to have core certifications such as: CCNA, CCNP
WHO WE ARE:
Ripple is doing for value what the internet did for information: enabling its instant and seamless flow around the world. We call this the Internet of Value (IoV). Using blockchain and cryptocurrency technology, Ripple is dedicated to creating powerful gains in financial efficiency, equity and inclusion. In addition, Ripple is developing and enabling the future use cases that will catalyze the new digital economy for governments, businesses and consumers.
Ripple has offices in San Francisco (HQ), New York, London, Mumbai, Singapore, São Paulo, Toronto, Reykjavík, Washington D.C. and Dubai.
WHAT WE OFFER – The resources and support to be your best at work and beyond:
Do Your Best Work
- The opportunity to build in a fast-paced start-up environment with experienced industry leaders
- A learning environment where you can dive deep into the latest technologies and make an impact. A professional development budget to support other modes of learning.
- Thrive in an environment where no matter what race, ethnicity, gender, origin, or culture they identify with, every employee is a respected, valued, and empowered part of the team.
- Ripple is Flexible First: you have the option to work remotely, from our offices, or a combination of the two within the 11 countries we are located around the world.
- Weekly all-company meeting - business updates and ask me anything style discussion with our Leadership Team
- We come together for moments that matter which include team off-sites, team bonding activities, happy hours and more!
Take Control of Your Finances
- Competitive salary, bonuses, and equity
- Bonus Flexibility Program: Participants in the Corporate Bonus Plan have the option to elect to receive their annual bonus in cash, equity or XRP, or a combination.
- 100% paid medical and dental and 95% paid vision insurance for employees starting on your first day
- 401k (with match)
- Commuter benefits
- Employee giving match
- Mobile phone stipend
Take Care of Yourself
- Twice a quarter R&R days so you can rest and recharge
- Generous wellness reimbursement and weekly onsite & virtual programming
- Flexible vacation policy - work with your manager to take time off when you need it
- Industry-leading parental leave policies. Family planning benefits.
- Catered lunches, fully-stocked kitchens with premium snacks/beverages, and plenty of fun events
Benefits listed above are for full-time employees. Interns - please discuss benefits with your recruiter.
Ripple is an Equal Opportunity Employer. We’re committed to building a diverse and inclusive team. We do not discriminate against qualified employees or applicants because of race, color, religion, gender identity, sex, sexual identity, pregnancy, national origin, ancestry, citizenship, age, marital status, physical disability, mental disability, medical condition, military status, or any other characteristic protected by local law or ordinance. Please find our UK/EU Applicant Privacy Notice and our California Applicant Privacy Notice for reference.Tags: Automation AWS Blockchain C CCNP CEH CISA CISSP Cloud Compliance CRISC Crypto DevOps GCP IAM Network security Privacy Python Risk analysis Risk assessment Scripting Vulnerabilities Vulnerability management
Perks/benefits: 401(k) matching Career development Competitive pay Equity Flex hours Flex vacation Health care Insurance Lunch / meals Medical leave Parental leave Salary bonus Snacks / Drinks Startup environment Team events Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open DevSecOps-related jobs
- Open CI/CD-related jobs