Infrastructure Security Engineer

Join us on our mission to make a better world of work. 

Culture Amp revolutionizes how millions of employees across more than 6,600 companies create a better world of work. As the global leader in employee experience, Culture Amp empowers businesses to transform employee engagement, develop high-performing teams, and retain talent via cutting-edge research, powerful technology, and the largest employee dataset in the world. The most innovative companies across the globe depend on Culture Amp every day.

Culture Amp is backed by 12 years of innovation, leading capital venture funds, and offices in the U.S, U.K, Germany and Australia. Culture Amp is recognized as one of the world’s top private cloud companies by Forbes and most innovative companies by Fast Company.

Learn more about how Culture Amp can help you create a better world of work at cultureamp.com.

How you can help make a better world of work

As an Infrastructure Security Engineer, you will play a role in our efforts to continuously secure the Culture Amp platform, meeting evolving threats through the implementation of infrastructure security controls.

Your AWS experience, paired with a background in software development, cyber security or system operations, will deliver robust solutions to complex security challenges, while simultaneously working to reduce friction through automation and integration.

Under the guidance and mentoring of your Lead Infrastructure Security Engineer, you will have the opportunity to take ownership of discrete work themes from ideation through to completion.

This role is a unique and challenging opportunity to contribute to the security of the Culture Amp platform while working with talented engineers in a cloud-centric security environment with some of the latest technologies.

As part of this team of amazing humans, 

You will 

• Actively contribute to security approaches in Cloud Native operating environments.
• Respond to queries from team members across the organisation and champion security in key forums
• Assist and support audit activity where required, including maintenance of audit records.
• Actively contribute your subject matter expertise in the development and improvement of policies, processes, standards. 
• Bring, and demonstrate consistently, a continual improvement mindset to the role
• Actively contribute, where possible, in the design and implementation of solutions.
• Positively contribute to the writing and upkeep of documentation on security tools, services and project work. 
• Build tooling, services and solutions to accelerate other teams in delivering features and infrastructure securely.

You have (technical capabilities):

• Experience with the following (or equivalent) tools: Visual Studio Code, Git, and Typescript (NodeJS), and/or Shell scripting
• Experience (or demonstrable awareness) in modern software development practices such as branching strategies (e.g. Trunk Based Development) and software verification approaches like TDD, BDD, etc.
• Experience with some/all of the following security philosophies:
• Authentication and Authorisation
• Cloud Security Posture Management (CSPM)
• Data Loss Prevention (DLP)
• Security information and event management (SIEM)
• Vulnerability Management
• Web Application Firewall
• Broad and deep knowledge and experience that encompasses at least one of the following areas of AWS: Computing, Storage, Networking, IAM, and/or Security, Controls and Governance
• Demonstrable experience or knowledge of Infrastructure as Code.

We are looking for humans, not machines, and so you will bring these personal attributes:

• Ability to strongly contribute to written documentation with minimal assistance. 
• Demonstrate solid verbal skills in both communication with others, and as a  collaborator. 
• Flexible and resilient, especially when dealing with unexpected changes and issues.
• Ability to independently identify prioritisation conflicts, effectively prioritise smaller tasks and proactively callout for assistance.
• Ability to strongly work collaboratively as part of a team and work independently on tasks as required with minimal supervision.
• As the Cybersecurity and Cloud industries change so fast, you can demonstrate a continual learning mentality.
• Regularly identify and solve small problems or opportunities, and occasionally identify and solve larger problems or opportunities with assistance.

We believe that inclusive businesses are better, not just for “company results”, but for the world. We have a strong commitment to Anti-Racism, and endeavor to lead by example. Every step we make as a business towards anti-racism is another step we can take to support our customers in making a better world (of work). You can see our current commitments to Anti-Racism here.

We ensure you have the tools you need to thrive both in and out of work.

• MacBooks for you to do your best work 

• Share Options - it’s important to us that everyone is an owner and can share in our success

• Excellent parental leave and in work support programme, - for those families to be

• Fun and inclusive digital, and in-person events

Most importantly, an opportunity to really make a difference in people’s lives.

Please keep reading...

Research shows that candidates from underrepresented backgrounds often don't apply for roles if they don't meet all the criteria – unlike majority candidates meeting significantly fewer requirements.

Thank you for taking the time to read this advert. If you decide to apply, as part of your application, we will ask you to complete voluntary diversity questions (excluding Germany). Please watch this video from our amazing DEI Leader, Aubrey Blanche to share more on why we collect the data and how we will use it.