Senior Infrastructure Security Engineer

Join us on our mission to make a better world of work. 

Culture Amp revolutionizes how over 25 million employees across 6,000 companies create a better world of work. As the global platform leader for employee experience, Culture Amp empowers companies of all sizes and industries to transform employee engagement, develop high performing teams, and retain talent via cutting-edge research, powerful technology, and the largest employee dataset in the world. The most innovative companies across the globe, such as Salesforce, Unilever, PwC, KIND, SoulCycle, Celonis and BigCommerce depend on Culture Amp every day.

Culture Amp is backed by 10 years of innovation, leading capital venture funds, and offices in the U.S, U.K, Germany and Australia. Culture Amp is recognized as one of the world’s top private cloud companies by Forbes and one of the most innovative workplace companies by Fast Company.

Learn more about how Culture Amp can help you create a better world of work at cultureamp.com.

What is the opportunity for you?

As a Senior Infrastructure Security Engineer, you will play a major role in our efforts to continuously secure the Culture Amp platform, meeting evolving threats through the implementation of infrastructure security controls.

Your extensive AWS and software development experience will engineer robust solutions to complex security challenges, while simultaneously working to reduce friction through automation and integration. You will also have the opportunity to lead complete work themes from ideation through to completion (under the guidance of your Lead Infrastructure Security Engineer).

This role is a unique and challenging opportunity to contribute to the security of the Culture Amp platform while working with talented engineers in a cloud-centric security environment with some of the latest technologies.

In this role you will be expected to provide informal technical leadership when required (with full support from the team’s Lead Infrastructure Security Engineer).

Your Role

In this role, you will:

• Demonstrate, with occasional guidance as required, innovative security approaches in Cloud Native operating environments.
• Respond to queries from team members across the organisation and champion security in key forums, security assessments and auditing
• Assist and support audit activity where required, including maintenance of audit records.
• Support security assessments for Culture Amp solutions.
• When appropriate, select, implement, and maintain appropriate security controls.
• Actively contribute your subject matter expertise in the development and improvement of policies, processes, standards.
• Bring, and demonstrate consistently, a continual improvement mindset to the role.
• Be strongly involved in the design and implementation of solutions from ideation to completion. At times this involvement may include:
  • Engaging others across team and division boundaries.
  • Contrasting alternative approaches and providing recommendations.
  • Assisting in the negotiation of timelines and scope of work.
• Documentation on security tools and services
  • Positively contribute to the writing and upkeep of documentation on security tools, services and project work.
  • Identify, and co-ordinate the closure of, gaps in documentation.
  • Perform documentation reviews and provide actionable improvements.
• Build tooling, services and solutions to accelerate other teams in delivering features and infrastructure securely

You Have

You have the following technical capabilities:

• Extensive experience with the following tools (or equivalents):
  • Visual Studio Code
  • Git
  • Code linting tools
  • AWS CLI
  • Typescript (NodeJS) and/or Python
• Demonstrable knowledge and experience in the software development philosophies below. The ability to educate others, or act as a subject matter expert (SME), in some of these philosophies is strongly preferred:
  • Branching strategies, such as Trunk Based Development.
  • Verification approaches; TDD, BDD, etc.
  • 12-Factor Applications.
  • Hexagonal Application Architectures (aka Ports and Adaptors).
  • Design Patterns.
  • Principles of Object Oriented Design (S.O.L.I.D).
• Experience with most/all of the following security philosophies:
  • Authentication and Authorisation
  • Cloud Security Posture Management (CSPM)
  • Data Loss Prevention (DLP)
  • Endpoint Detection and Response (EDR)
  • Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
  • Network Firewall
  • Security information and event management (SIEM)
  • Vulnerability Management
  • Web Application Firewall
• Broad knowledge and experience that encompasses the following areas of AWS, with demonstrable deep experience across at least one area:
  • Compute
  • Storage
  • Networking
  • IAM
  • Security, Controls and Governance
• Infrastructure as Code
  • Strong and demonstrable experience with modelling and writing an infrastructure layer as code within AWS. As an example, this could be the computer layer for running a suite of containers.
  • Ability to identify and call out where tradeoffs may need to be made during writing of infrastructure-as-code.
  • The ability and willingness to mentor others on the benefits and implementation of infrastructure-as-code.

You Are

We are looking for humans, not machines, and so you will bring these personal attributes:

• Strongly demonstrable skills in both written and verbal communication and collaboration.
• Flexible and resilient, especially when dealing with unexpected changes and issues.
• Prioritisation:
  • Comfortable making prioritisation decisions, sometimes with minimal information at hand for themselves or individual team members.
  • Able to identify prioritisation conflicts and take the lead to resolve at an individual level.
• Work Style:
  • Ability to work collaboratively (and at times lead) as part of a team.
  • Ability to work independently on tasks without supervision.
• As the Cybersecurity and Cloud industries change so fast, you can demonstrate a continual learning mentality.
• Problem Solving and Analytical Mindset
  • Regularly identify and solve larger problems or opportunities independently.
  • Occasionally identify and solve cross-team problems or opportunities with assistance.
• The ability to respond to security events outside of usual work hours on rostered basis.
• Certifications, Education and Experience:
  • Formal education or equivalent applicable experience required.
  • Industry recognised infrastructure or security qualifications highly advantageous.

We believe that inclusive businesses are better, not just for “company results”, but for the world. We have a strong commitment to Anti-Racism, and endeavour to lead by example. Every step we make as a business towards anti-racism is another step we can take to support our customers in making a better world (of work). You can see our current commitments to Anti-Racism here.

We ensure you have the tools you need to thrive both in and out of work.

• MacBooks for you to do your best work 
• Share Options - it’s important to us that everyone is an owner and can share in our success
• Excellent parental leave and in work support programme, - for those families to be
• Flexible working schedule - where we can, let’s make work, work for you
• Fun and inclusive digital, and (in the future) in-person events

Most importantly, an opportunity to really make a difference in people’s lives.