Infrastructure Security Engineer

Palo Alto, CA | San Francisco, CA

DFINITY logo
DFINITY
Apply now Apply later

Posted 1 month ago

At DFINITY we’re building a world class Security team which re-defines Information Security as we know it. This requires a bias towards building solutions that are secure by default, use defense in depth and enhance user experience. This role, within the Infrastructure Security team, is for a Security Engineer looking to achieve such a vision.

Responsibilities

  • Develop a proactive vulnerability and patch-management solution, showcasing a clear risk state of the infrastructure due to out-of-date software/hardware.
  • Secure remote access such as SSH and RDP. Implement Yubikey based hardware token authentication for coverage across the organization.
  • Utilize Infrastructure management tooling (Puppet, Chef, TF, Ansible) for consistent hardening configurations such as CIS benchmarks across cloud and on-prem infrastructure.
  • Craft a strategy with tooling for security of SaaS solutions such as GSuite, Slack etc. deployed across the organization.
  • Develop a third party vendor review process for risk assessment and decision making.

Requirements

  • 1-5 years of hands-on experience on an Infrastructure Security team
  • BS or MS in Computer Science or a related field is preferred
  • Familiarity with DevSecOps toolchain (Eg: Chef, Ansible, Terraform, Puppet, Jenkins etc.
  • Ability to develop tools using programming languages such as Ruby, Python etc.
  • Familiarity with blockchain and cryptocurrency technologies is a bonus
  • You’re a Security generalist with firm understanding and/or hands on experience in some of these domains - 
    • OS internals and security hardening (MacOS, Linux, Windows)
    • Hardening of networking devices, protocols and solutions
    • Security of Cloud Infrastructure platforms
    • Account lifecycle management, Multi-factor authentication, authentication and authorization protocols and solutions
    • Vulnerability and patch management, secure configuration deployment

All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

Job tags: Linux Puppet Python Risk assessment Ruby SaaS Strategy Windows
Job region(s): North America
Share this job: