Who we are

DoubleVerify is a big data and analytics company. We track and analyze tens of billions of ads every day for the biggest brands in the world like Apple, Nike, Disney, Vodafone, and most of the Fortune 500 companies. If you ever saw an Ad online via Web, Mobile, or CTV device then there are big chances that it was analyzed and tracked by us.

We operate at a massive scale, our backend handles over 100B+ events per day, we analyze and process those events in real-time while making decisions on the environment where the ad is running and all the user interactions during the Ad display lifecycle. We verify that all Ads are Fraud Free, Brand Safe, in the right Geo and highly likely to be viewed and engaged, all that in less than a fraction of a second.

What will you do

We are in search of a Sr SRE Security Engineer to join our IT Security Team. This pivotal role entails close collaboration with the Site Reliability Engineering (SRE), Network, and Operations teams aimed at elevating our security posture. Reporting directly to the IT Security Manager within the Information Security Department, the Sr SRE Security Engineer will also be an essential component of the SRE team, concentrating on all facets related to security.

As a Sr SRE Security Engineer, you should embody initiative, holding a fervent enthusiasm for both on-prem and cloud security while flourishing in the arena of vulnerability remediation and security troubleshooting. Your role will encompass providing operational support for Vulnerability Management and the associated remediation procedures. Our IT Security Team is engaged in identifying, assessing, and mitigating threats, vulnerabilities, and correlated risks pertaining to DoubleVerify’s information assets and resources. Leveraging your technical skills, you will navigate across major public clouds and our global data centers, employing best-of-class tools to oversee and redress vulnerabilities.

Job Responsibilities

Work closely and in full coordination with multiple departments, SRE, Operation, DevOps, and Network teams to produce a highly secure posture.
Handle, prioritize, and effectively bring security vulnerabilities to resolution for Production, Staging, and Dev environments; you will play an active part in resolving them.
Develop, update, and guide procedures for security enhancements, test these procedures, and facilitate their handover to the operations team for complete remediation.
Review vulnerabilities and data from various sources (e.g., vulnerability scanning, penetration testing) across different technologies and environments to assess the risk level to business assets and help remediate them.
Build, configure, and manage vulnerability management tools within company environments, serving as the subject matter expert for vulnerability management queries.
This position will be the liaison between the IT Security Team and various SRE, DevOps, Network, and Operation teams and must be able to provide technical remediation details or workarounds, help track and identify asset inventory, log work tickets and exceptions, and research vulnerability findings.
Be the go-to expert for implementing security agents on Production, Staging, and Dev environments, ensuring the security of these assets throughout their lifecycle. (Such as configuring and troubleshooting any security solution agent & authentication issues).
Proficiently managed security aspects of Linux, Windows, and ESXi servers, including patch management and fundamental security practices.
Execute OS patching and work towards automating this process, following a thorough testing and deployment cycle across development, staging, and production environments, which include proper notification and auditing process.
Implement technical solutions to automate repetitive tasks.
Undertake notifications and audits related to security work and maintain a proactive and organized approach.
Manage and follow up on tickets related to remediation or hardening requests.
Provide analysis of Information Security vulnerabilities and determine true or false positives, and work with appropriate teams for remediation.
Engage actively in Proof of Concept initiatives to assess and onboard novel security solutions. Offer technical expertise to ensure effective deployment and alignment with security goals. Document findings comprehensively and conduct thorough comparisons of potential solutions, aiding the team in making informed decisions.
Help focus the engineering teams on working on high-value security issues and avoid toiling on non-security issues
Demonstrate self-management skills to effectively track and report on work and time allocation.

Who you are

Experience with building, configuring, and managing patch management tools.7+ years as a Security Engineer \ SRE \ DevOps engineer with a passion for security and doing things right.
4-6 years of related experience in vulnerability management and remediation
Hands-on Experience with patching and hardening Linux, Windows, and ESXi servers is essential.
High proficiency within cloud environments - with a preference for GCP and AWS.
Proficiency in automation and configuration management tools (e.g Ansible,Terraform, Puppet).
Proficiency in scripting languages, including Bash, Python and/or PowerShell.
1-2 years developing playbooks, runbooks, and troubleshooting technical issues.
Ability to grasp new technologies quickly and prioritize and multitask on multiple responsibilities
Effective documentation skills, including technical diagrams and written descriptions.
Experience analyzing vulnerabilities and adjusting the risk rating/severity dependent on internal factors.
Experience defining Operating System Baseline Configuration standards such as the Center for Internet Security (CIS) Critical Security Controls Scanning within various scanning technologies and working with appropriate teams to remediate and report on the results.
Proficient in firewall management, with hands-on experience in configuration and optimization to ensure network security.
Familiarity with ITSM solutions, including platforms like Jira and Freshdesk.
Clear communication and collaboration abilities for cross-functional teamwork.
Critical thinking and ability to balance security requirements with mission needs.
Exceptional organizational skills demonstrated through adept autonomy, independent work, collaborative teamwork, and an unwavering professional demeanor. This extends to adept tracking and comprehensive reporting of work and time allocations.

Bonus Points

Certifications from cloud vendors, as well as esteemed organizations like CISSP, CISM, or CISA, will be regarded favorably.

Apply for this Job

* Required

First Name *

Last Name *

Email *

Phone *

Resume/CV *

Dropbox Google Drive

(File types: pdf, doc, docx, txt, rtf)

Cover Letter

Dropbox Google Drive

(File types: pdf, doc, docx, txt, rtf)

LinkedIn Profile

Website

Where did you first learn about this opportunity? (If you were referred, please note individual's name) *

What are your compensation expectations for this role? *

Have you worked on vulnerability remediation tasks within the last five years ? *

Do you have experience with OS patching for Linux servers ? *

Have you written Linux Scripts ? *

Do you have experience writing an Ansible Playbook ? *

Have you created or contributed to a patch management automation process ? *

Have you managed vulnerability tasks across more than 300 servers ? *

Have work experience with VMs on Vmware infrastructure (vcenter\esxi) ? *

Have work experience with Cloud environment? *

Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in DoubleVerify’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Gender

Are you Hispanic/Latino?

Please identify your race

Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Veteran Status

Voluntary Self-Identification of Disability

Form CC-305

Page 1 of 1

OMB Control Number 1250-0005

Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

Alcohol or other substance use disorder (not currently using drugs illegally)
Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
Blind or low vision
Cancer (past or present)
Cardiovascular or heart disease
Celiac disease
Cerebral palsy
Deaf or serious difficulty hearing
Diabetes
Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
Epilepsy or other seizure disorder
Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
Intellectual or developmental disability
Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
Missing limbs or partially missing limbs
Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
Partial or complete paralysis (any cause)
Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
Short stature (dwarfism)
Traumatic brain injury

Disability Status

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

Enter the verification code sent to to confirm you are not a robot, then submit your application.

Security Code *

This application was flagged as potential bot traffic. To resubmit your application, turn off any VPNs, clear the browser's cache and cookies, or try another browser. If you still can't submit it, contact our support team through the help center.

Sr. SRE Security Engineer

Apply for this Job

Voluntary Self-Identification

Voluntary Self-Identification of Disability