Senior Security Engineer
Austin, TX; Bothell, Washington; Redwood City, CA; Remote; San Diego, CA
Evernote
Our note taking app helps you capture and prioritize ideas, projects and to-do lists, so nothing falls through the cracks. Start your free trial today!
Evernote is looking for a security engineer to join our Security Team. You will be a generalist across the various security functions, though will have a heavier focus on helping secure our build infrastructure. Your role will be a mix of analyst, operations, threat modeling and engineering work and you will report directly to Evernote's head of security.
Your teammates will be senior security professionals who are passionate about providing practical security mentorship across the entire company, including our production environment. Our customers trust us with billions of their notes, projects, and ideas and we are here to protect them.
Job Responsibilities
- Assist in the specification, design, implementation and documentation of security solutions.
- Perform security analysis utilizing SIEM technologies
- Provide support for Security Operations and Incident Response
- Collaborate with business and technology leaders to ensure the successful remediation of identified security weaknesses
- Assist with Information Security program development, developing procedures that align to security policies, standards, guidelines, etc.
- Own the security of our build pipelines/DevOps processes
Required Skills
- Working knowledge of TCP/IP, the OSI model, DNS, HTTP, VPN, routing & switching, and load balancer technologies for virtual and physical networks
- Solid understanding of common security threats, attack vectors, vulnerabilities, exploits and defense in depth strategies
- DevOps/SecDevOps experience
- Working knowledge of incident, problem, and change management
- Curious, inquisitive, innovative, lifelong learner and self-starter
- Strong documentation and communication skills
- BA/BS preferred with 4+ years of overall information security engineering and technology operations experience
Preferred Skills
- Proficiency in a Scripting Language(Python, Golang, Bash)
- Experience working with containers and container orchestration(Kubernetes, DC/OS, etc.)
- Industry intermediate-level certification(s) preferred (Examples: CCSP, CISA/CISM, CISSP)
- Knowledge of Cloud Security Controls and Concepts
- Operational experience with security logging, event correlation, and SIEM technologies.
- Basic understanding of configuration management tools
- Knowledge of forensic practices and chain of custody processes
- Knowledge of OWASP, MITRE ATT&CK, and CIS Critical Security Controls
We are committed to an inclusive and diverse Evernote. We believe that different perspectives lead to better ideas, and better ideas allow us to better understand the needs and interests of our diverse, global Evernote Community. We welcome people of different backgrounds, experiences, abilities and perspectives and are an equal opportunity employer.
California privacy notice: Read our privacy policy for job applicants at https://evernote.com/privacy/policy
Tags: Bash CCSP CISA CISM CISSP Cloud DevOps DNS Exploits Golang Incident response Kubernetes MITRE ATT&CK OWASP Privacy Python Scripting Security analysis SIEM TCP/IP VPN Vulnerabilities
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open ISO 27001-related jobs
- Open Clearance-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs