Enterprise & Cloud Security Engineer

The RealReal information security team is looking for an Enterprise & Cloud security engineer to be part of a growing team and assist in the build out of key cyber automation capabilities. This role encompasses the implementation and subsequent maturing of platform, identity and network security for The RealReals Global Information Security program. This is a challenging and rewarding opportunity for an individual who is looking for an opportunity in the  arena of Enterprise & Cloud security and wishes to grow within the organization and the thriving retail industry.

What You Get To Do Every Day

• Evaluate and integrate external SDK’s and API's based on solution requirements
• and Scrum Frameworks
• Experience with cloud based data protection, database and load balancing.
• Experience with docker and automated server deployment.
• Solid understanding of application security practices, API development, OAuth authentication , security unit testing and CI/CD.
• Familiarity with RESTful APIs 
• Familiarity with cross-platform system integration and hybrid apps.
• Experience with AWS services and AWS SDK.
• Design and maintain The RealReal Enterprise security infrastructure
• Perform platform security tasks such as vulnerability management through Qualys or Tenable, configure and maintain EDR solutions for both on-prem and public cloud (AWS/GCP) assets
• Maintain and configure web application firewalls and botnet mitigation solutions
• Enforce best practices in terms of cybersecurity configurations and design for on-prem stores and POS devices
• Examine output from security tools and report on findings
• Work with cyber analysts and security engineers to develop threat models, detections, incident response playbooks, and maintain tooling to enrich security intelligence
• Ability to develop python scripts and API integrations into SaaS apps for the purposes of alert automation and data extraction (logging)
• Exposure and ability to mitigate risk and configure secure services in a cloud environment (AWS/GCP).
• Deep knowledge of the OSI and TCP/IP stack and ability to architect security tooling and identify security risks against the same.

What You Bring To The Role

•  3+ years experience working in a security role
• Ability to work cross functionally between technical and business teams, evangelizing security best practices, policy, and procedure
• Effective communication skills
• Demonstrated knowledge of enterprise-scale security technologies which may include SIEM, vulnerability management, incident response, HIDS/NIDS, PKI, user behavior analytics, SSO, IAM, Privileged Access Management
•  Experience building and maintaining enterprise logging pipelines 
•  Demonstrated proficiency with scripting (Bash, Python, Go, etc)
• Experience with developing infrastructure as code (Terraform, Cloudformation)
•  Deep hands on security experience with cloud providers such as AWS, GCP, and other cloud providers and their respective security tools.
• Experience with EDR (Endpoint Detection and Response) tools e.g. Crowdstrike, Carbon Black etc
• Familiarity with development processes and environment tools such as Git, Jira, Confluence
• OSxx Suite of Certifications
• Pentesting experience
• Hands on experience with Container Technology (Docker, EKS, GKE, Kubernetes, Openshift, ) • Experience with SOAR, CASB, DLP technologies
•  Comfortable with Python scripting

The RealReal is the world’s largest online marketplace for authenticated, resale luxury goods, with more than 20 million members. With a rigorous authentication process overseen by experts, The RealReal provides a safe and reliable platform for consumers to buy and sell their luxury items. We have hundreds of in-house gemologists, horologists and brand authenticators who inspect thousands of items each day. As a sustainable company, we give new life to pieces by thousands of brands across numerous categories—including women's and men's fashion, fine jewelry and watches, art and home—in support of the circular economy. We make selling effortless with free virtual appointments, in-home pickup, drop-off and direct shipping. We do all of the work for consignors, including authenticating, using AI and machine learning to determine optimal pricing, photographing and listing their items, as well as handling shipping and customer service. At our 13 retail locations, including our eight shoppable stores, customers can sell, meet with our experts and receive free valuations.

The RealReal is committed to providing an equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or expression, or Veteran status. We will consider qualified applicants for a position regardless of arrest or conviction records, consistent with legal requirements. 

#LI-DA15