At DFINITY we’re building a world class Security team which re-defines Information Security as we know it. This requires a bias towards building solutions that are secure by default, use defense in depth, and enhance user experience. This role within the Infrastructure Security team is for a Senior Engineer looking to achieve such a vision.
- Secure remote access with MFA, robust account management, state of the art monitoring, and alerting.
- Utilize Infrastructure management tooling (Puppet, Chef, TF, Ansible) for consistent hardening configurations such as CIS benchmarks across cloud and on-prem infrastructure.
- Drive adoption of security audit logging and anomaly detection.
- Develop a proactive vulnerability and patch-management solution, showcasing a clear risk state of the infrastructure due to out-of-date software/hardware.
- Craft a strategy with tooling for security of SaaS solutions such as GSuite, Slack etc. deployed across the organization.
- Develop a third party vendor review process for risk assessment and decision making.
- 5-10 years of hands-on experience on a Security team
- BS or MS in Computer Science or a related field is preferred
- Practical and pragmatic approach
- Infrastructure as Code mentality
- Hands-on experience in DevSecOps toolchain (eg: Chef, Ansible, Terraform, Puppet, Jenkins).
- Ability to develop tools using programming languages such as Ruby, Python etc.
- Familiarity with blockchain and cryptocurrency technologies a bonus
- You’re a security generalist with firm understanding and/or hands on experience in some of these domains:
- OS internals and security hardening (MacOS, Linux, Windows)
- Hardening of networking devices, protocols and solutions
- Security of Cloud Infrastructure platforms
- Account lifecycle management, multi-factor authentication, authentication and authorization protocols and solutions
- Vulnerability and patch management, secure configuration deployment
All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.