At DFINITY we’re building a world class Security team which re-defines Information Security as we know it. This requires a bias towards building solutions that are secure by default, use defense in depth and enhance user experience. This role within the Infrastructure Security team is for a Senior Engineer looking to achieve such a vision.

Responsibilities

  • Design and deploy a secure and scalable SSO solution for coverage, consistency, and telemetry, implemented using technologies such as Okta, Yubikey, Duo, WebAuthN.
  • Secure remote access such as SSH and RDP. Implement Yubikey-based hardware token authentication for coverage across the organization.
  • Utilize Infrastructure management tooling (Puppet, Chef, TF, Ansible) for consistent hardening configurations such as CIS benchmarks across cloud and on-prem infrastructure.
  • Develop a proactive vulnerability and patch-management solution, showcasing a clear risk state of the infrastructure due to out-of-date software/hardware.
  • Craft a strategy with tooling for security of SaaS solutions such as GSuite, Slack etc. deployed across the organization.
  • Develop a third party vendor review process for risk assessment and decision making.

Requirements

  • 5-10 years of hands-on experience on an Infrastructure Security team
  • BS or MS in Computer Science or a related field is preferred
  • Hands-on experience in DevSecOps toolchain (Eg: Chef, Ansible, Terraform, Puppet, Jenkins etc.
  • Ability to develop tools using programming languages such as Ruby, Python etc.
  • Familiarity with blockchain and cryptocurrency technologies a bonus
  • You’re a security generalist with firm understanding and/or hands on experience in some of these domains - 
    • OS internals and security hardening (MacOS, Linux, Windows)
    • Hardening of networking devices, protocols and solutions
    • Security of Cloud Infrastructure platforms
    • Account lifecycle management, multi-factor authentication, authentication and authorization protocols and solutions
    • Vulnerability and patch management, secure configuration deployment

All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

Apply for this Job

* Required