Sr. Security Engineer - CorpSec
United States
Applications have closed
HashiCorp
HashiCorp helps organizations automate multi-cloud and hybrid environments with Infrastructure Lifecycle Management and Security Lifecycle Management.About Us
HashiCorp is a fast-growing enterprise software company that solves development, operations, and security challenges in infrastructure so organizations can focus on business-critical tasks. Our open source software is used by millions of users to provision, secure, connect, and run any infrastructure for any application. The Global 2000 uses our enterprise software to accelerate application delivery and drive innovation through software.
About Our Team
Security at HashiCorp is largely a remote team. While prior experience working remotely isn't required, we are looking for team members who perform well given a high level of independence and autonomy.
The CorpSec team is a subset of the larger Security organization. We support the HashiCorp business by partnering closely with the IT, Security, and Engineering organizations to implement technical solutions to meet our security policies and compliance requirements. CorpSec is one layer in a multi-layered approach to protect the HashiCorp business through the use of technology.
In this role, your responsibilities will include:
- Design, implement and monitor HashiCorp’s corporate information security controls and technologies
- Build and implement security processes and tools for risk reduction and mature corporate information security capabilities
- Identify, deploy, and improve existing and new internal security processes with automation enhancements and improvements
- Perform security review of HashiCorp’s corporate information assets
- Triage, respond to and investigate security incidents affecting business applications, SaaS applications and partner services
- Research and design ways to achieve risk reduction objectives in creative ways, including expanding our current tool stack where appropriate
- Assess risk arising from third-parties, vendors and partners in our ecosystem and design controls to mitigate such risks
- Document security processes and standards
- Act as SME on multiple information security areas (e.g. endpoint security, email security and vulnerability management for endpoints.)
- Work closely with HashiCorp Information Technology team
- Support GRC and customer security requests as needed
- Assist Threat Detection/Response & Product Security teams
You may be a good fit if you have knowledge and experience around:
- We are looking for a talented engineer with 5+ years of security experience. We will consider experienced engineers with less security-specific experience but the desire to learn!
- Modern information technology approaches and applications
- Securing productivity software and systems in a remote, cloud-first environment
- Strong experience in automation, coding, and scripting languages (such as Python, GoLang, Bash, JavaScript, etc.)
- Modern engineering practices, processes, and tools
- Security design / architecture and threat modeling
- Vulnerabilities (old and new), and options for defense / mitigation
- Familiarity with securing SaaS & cloud services running in Amazon AWS or Google Cloud Platform
- Experience with microservice architectures, or large distributed systems
- General understanding of security fundamental and security operations
- Understanding of security management, governance, risk, and compliance
- Experience with HashiCorp tools is a plus
#LI-AZ1
#LI-REMOTE
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation AWS Bash Cloud Compliance Endpoint security GCP Golang Governance JavaScript Open Source Product security Python SaaS Scripting Threat detection Vulnerabilities Vulnerability management
Perks/benefits: Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Product Security Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cloud Security Architect jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Network Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Information System Security Officer jobs
- Open Security Consultant jobs
- Open Information Systems Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Information Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Security Architect jobs
- Open CISA-related jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open GCP-related jobs
- Open ISO 27001-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open DoD-related jobs
- Open DevOps-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Vulnerability management-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Security assessment-related jobs
- Open PowerShell-related jobs
- Open SQL-related jobs