As a Security Engineer, you’ll work closely with business and technical stakeholders to ensure Vimeo remains safe and secure. You’ll plan and carry out security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks. Provide hands-on support for a broad spectrum of technologies, including systems and software running on Linux systems, network devices, virtual machines, as well as Vimeo’s various offerings.
What you’ll do:
Contribute to the infrastructure and security teams at Vimeo
Prioritize, triage and remediate vulnerabilities and findings from system scans and bug bounty programs
Perform regular security assessments of Vimeo’s platforms and infrastructure
Improve security in our office, through our data centers and across cloud providers
Identify and remediate weaknesses in our processes and procedures
Configure Vimeo systems to comply with industry best practices and hardening standards
What we’re expecting:
Solid understanding of OSI model, TCP/IP, HTTP and TLS
Comfortable reading/writing ACLs and firewall rules to restrict network access
Understands principle of least privilege and the confidentiality, integrity, and availability triad and will work to enforce those concepts in our environment
Vulnerability scanning and incident response experience
Patching and Linux systems security and hardening
Experience with Red Hat and variants
Experience with web application penetration testing
Experience with one or more of the following languages: Bash, Ruby, Python, PHP, Node.js
Comfortable with DevOps style tools like Ansible, Chef, GitHub, Jenkins, Puppet, etc.
Link to a Github repo with security tools/scripts you’ve developed or help maintain
Experience managing a large number of production systems
Web development experience or open source vulnerability research
Experience with system security hardening guidelines
Founded in 2004 and based in New York City, Vimeo, Inc. is an operating business of IAC (NASDAQ: IACI).