Infrastructure Security Engineer

Join us on our mission to make a better world of work. 

Culture Amp revolutionizes how over 25 million employees across 6,000 companies create a better world of work. As the global platform leader for employee experience, Culture Amp empowers companies of all sizes and industries to transform employee engagement, develop high performing teams, and retain talent via cutting-edge research, powerful technology, and the largest employee dataset in the world. The most innovative companies across the globe, such as Salesforce, PwC, KIND, SoulCycle, Celonis and BigCommerce depend on Culture Amp every day.

Culture Amp is backed by 10 years of innovation, leading capital venture funds, and offices in the U.S, U.K, Germany and Australia. Culture Amp is recognized as one of the world’s top private cloud companies by Forbes and one of the most innovative workplace companies by Fast Company.

Learn more about how Culture Amp can help you create a better world of work at cultureamp.com.

What is the opportunity for you?

As an Infrastructure Security Engineer, you will play a core role in our efforts to continuously secure the Culture Amp platform, meeting evolving threats through the implementation of infrastructure security controls.

Your AWS and software development experience will engineer robust solutions to complex security challenges, while simultaneously working to reduce friction through automation and integration.

This role is a unique and challenging opportunity to contribute to the security of the Culture Amp platform while working with talented engineers in a cloud-centric security environment with some of the latest technologies.

Your role in the Camp

●  Actively contribute to security approaches in Cloud Native operating environments.

●  Respond to queries from team members across the organisation and champion

security in key forums

●  Security Assessments and Auditing

        ○  Assist and support audit activity where required, including maintenance of audit records.

        ○  Support security assessments for Culture Amp solutions

●  Actively contribute your subject matter expertise in the development and improvement of policies, processes, standards.

●  Bring, and demonstrate consistently, a continual improvement mindset to the role

●  Actively contribute, where possible, in the design and implementation of solutions.

●  Positively contribute to the writing and upkeep of documentation on security tools, services and project work.

●  Build tooling, services and solutions to accelerate other teams in delivering features and infrastructure securely.

What you’ll bring to Culture Amp

You have the following technical capabilities:

• Experience with the following tools (or equivalents):

     ○  Visual Studio Code / Git / Code Linting Tools /AWS CLI / Typescript (NodeJs) and /or Python.

• Experience in most of the software development philosophies listed below. Where experience is low or missing, a demonstrable awareness is preferred:

  • Branching strategies, such as Trunk Based Development.

  • Verification approaches; TDD, BDD, etc.

  • 12-Factor Applications.

  • Hexagonal Application Architectures (aka Ports and Adaptors).

  • Design Patterns.

  • Principles of Object Oriented Design (S.O.L.I.D). 

• Experience with some/all of the following security philosophies:

  • Authentication and Authorisation

  • Cloud Security Posture Management (CSPM)

  • Data Loss Prevention (DLP)

  • Endpoint Detection and Response (EDR)

  • Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)

  • Network Firewall

  • Security information and event management (SIEM)

  • Vulnerability Management

  • Web Application Firewall

• Broad and deep knowledge and experience that encompasses at least one of the following areas of AWS:

  • Compute

  • Storage

  • Networking

  • IAM

  • Security, Controls and Governance

• Infrastructure as Code; Either:

  • Understand the concept of infrastructure-as-code and its importance; or

  • Demonstrable experience with managing infrastructure -as-code.

We believe that inclusive businesses are better, not just for “company results”, but for the world. We have a strong commitment to Anti-Racism, and endeavour to lead by example. Every step we make as a business towards anti-racism is another step we can take to support our customers in making a better world (of work). You can see our current commitments to Anti-Racism here.

We ensure you have the tools you need to thrive both in and out of work.

• MacBooks for you to do your best work
• Share Options - it’s important to us that everyone is an owner and can share in our success
• Excellent parental leave and in work support programme, - for those families to be
• Flexible working schedule - where we can, let’s make work, work for you
• Fun and inclusive digital, and (in the future) in-person events

Please keep reading...

Research shows that candidates from underrepresented backgrounds often don't apply for roles if they don't meet all the criteria – unlike majority candidates meeting significantly fewer requirements.

We strongly encourage you to apply if you’re interested: we'd love to know how you can amplify our team with your unique experience! 

Thank you for taking the time to read this advert. If you decide to apply, as part of your application, we will ask you to complete voluntary diversity questions (excluding Germany). Please watch this video from our amazing DEI Leader, Aubrey Blanche to share more on why we collect the data and how we will use it.