Security Engineer
United States - California (Remote)
Applications have closed
HashiCorp
HashiCorp delivers consistent workflows to provision, secure, connect, and run any infrastructure for any application.About HashiCorp
HashiCorp is a fast-growing startup that solves development, operations, and security challenges in infrastructure so organizations can focus on business-critical tasks. We build products to give organizations a consistent way to manage their move to cloud-based IT infrastructures for running their applications. Our products enable companies large and small to mix and match AWS, Microsoft Azure, Google Cloud, and other clouds as well as on-premises environments, easing their ability to deliver new applications for their business.
About the Role
Security at HashiCorp is largely a remote team. While prior experience working remotely isn't required, we are looking for team members who perform well given a high level of independence and autonomy.
In this role, your responsibilities will include:
- Design, implement and monitor HashiCorp’s corporate information security controls and technologies.
- Build and implement security processes and tools for risk reduction and mature corporate information security capabilities.
- Integrate systems with in-house applications, third party applications, and SaaS applications for provisioning, identity management and authentication, and the development of connectors between IAM tools and system resources.
- Triage, respond to, and investigate security incidents affecting business applications, SaaS applications, and partner services.
- Assess risk arising from third-parties, vendors and partners in our ecosystem and design controls to mitigate such risks.
- Identify and deploy internal process and automation improvements.
- Provide subject matter expertise on authentication and systems security with a focus on Corporate technologies and SaaS applications.
- Build and implement security processes and tools for risk reduction and mature corporate information security capabilities.
- Research and design ways to achieve risk reduction objectives in creative ways, including expanding our current tool stack where appropriate.
- Assess risk arising from third-parties, vendors and partners in our ecosystem and design controls to mitigate such risks.
- Support GRC and customer security requests as needed.
We are looking for talented self-starters with 3+ years of security experience. We will consider experienced engineers with less security-specific experience but the desire to learn!
You may be a good fit if you have knowledge and experience around:
- Secure operations practices, specifically with regards to enterprise remote/distributed and cloud environments.
- Security design / architecture and threat modeling.
- Security testing and monitoring methodologies and tools.
- Vulnerabilities (old and new), and options for defense / mitigation.
- Familiarity with securing SaaS & cloud services running in Amazon AWS or Google Cloud Platform
- Experience in managing and maintaining identity and access management, SAML Federation, OAuth and MFA solutions.
- Experience with application design, integration and deployment in an integrated global IT environment.
- Advanced scripting capabilities (i.e. Python, Bash)
- Experience with HashiCorp Vault and Terraform a plus.
HashiCorp embraces diversity and equal opportunity. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. We believe the more inclusive we are, the better our company will be.
For more information regarding how HashiCorp collects, uses, and manages personal information, please review our Privacy Policy.
Tags: Automation AWS Azure Bash Cloud GCP IAM Monitoring Privacy Python SaaS SAML Scripting Terraform Vulnerabilities
Perks/benefits: Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open DevSecOps-related jobs
- Open CI/CD-related jobs