Senior Offensive Security Engineer

What you’ll do at Jamf:

At Jamf, we empower people to be their best selves and do their best work. The Senior Security Operations Engineer will work with the Cloud and Delivery team to continue to build, automate and maintain cloud security services. They will be responsible for leading the Security Design and Architecture, Log Collection, Security Incident Management, Identity and Access Management, Vulnerability and Patch management. They will be responsible for maintaining operation of the environment in accordance with our service level agreements and providing support to both our staff and customers.

What you can expect to do in this role:

• Mentors and advises others in related components and broad fundamental expertise areas
• Manages identity and access control in the cloud environment
• Responsible for the tools, configuration, administration and related processes around our log file collection and monitoring
• Provides the framework, processes and execution to ensure support of Jamfs data leakage prevention
• Responsible for Web application firewall and related prevention, detection and mitigation of DDoS attack
• Vulnerability Management: Accountable for the prevention, detection and mitigation of vulnerabilities through industry standard tools, configuration, administration and internal procedures
• Performs regular firewall audits in line with our procedures. Provides the appropriate documentation, supporting evidence and follow up on identified issues requiring remediation
• Responsible for tooling, processes and follow up actions related to our external port scanning needs and practices
• Handles the identification, planning and implementation of any server hardening needs. Works collaboratively with Operations and other internal teams to communicate, document and implement
• Performs security incident analysis, response and remediation
• Participates in design and implementation of security automation workflows
• Helps manage security data reporting and visualization platform.

What we are looking for:

• Minimum of 4 years IT security principles, security operations, techniques, and technologies (Required)
• Minimum of 4 years experience working with Linux/Unix command line interfaces, including shell or python scripting (Required)
• Minimum of 4 years experience with industry standard configuration management and deployment tools (e.g. Ansible, Chef, Puppet or other) (Required)
• Minimum of 2 years experience administering some or all of the following technologies: Amazon Web Services (EC2, RDS, DynamoDB, ELB, Elastic Beanstalk, S3, IAM, ElastiCache) (Preferred)
• Minimum of 2 years experience working with monitoring (Logic Monitor, AppDynamics, Zabbix, etc) and logging tools (Splunk, Sumologic, or ELK (ElasticSearch/Logstash/Kibana)) (Preferred)
• Advanced knowledge of containerization concepts and Kubernetes (Preferred)
• Basic knowledge of MySQL or Postgres (Preferred)

Why Jamf?

• Jamf Protect has received the honor of Endpoint Security Solution of the Year in CyberSecurity Breakthrough Awards, 2022

• Jamf Protect received the Security Software Solution of the Year, and Jamf Threat Defense has earned the title of Mobile Security Solution of the Year, in the 2022 Computer Security Awards.