WeWork is an organization committed towards helping people around the world make a life, and not just a living. We accomplish this through the thoughtful design of our spaces and technology.
We build and maintain a wide range of technology to support our mission. Infrastructure powers our buildings, applications, services and most importantly our members.The Infrastructure Security team is the nervous system that allows WeWork to operate while protecting assets and reducing risk, delivering transparent and innovative information security solutions.
About the Role
The Staff Security Engineer will be responsible for securing and hardening WeWork’s infrastructure including but not limited to systems, networks, endpoints and IoT devices. The engineer will work closely with Building Technology, Product and Engineering teams to insure the security of our infrastructure. The ideal candidate with be tenacious, vendor agnostic and familiar with large internal networks. Additionally, you will lead security reviews of infrastructure, research and test new technologies while participating in the buildout and management of a secure network.
- Audit and review of firewall and VPN policies
- Network Device Hardening
- Wireless Security
- AD/ESX Security
- Endpoint Security, Host Based Firewall
- OS and System Hardening, OS Version Control and Baselining
- Access & Visibility
- Network Access Controls
- Insure all systems and networks are being monitored and logged for security operations team
- Write and maintain information security plans
- Work with product and systems teams to perform threat models for their features
- Work with the larger security team to manage third-party audits and application penetration tests
- Advancing your personal knowledge of information security to stay on the bleeding edge
Desired Skills and Experience
- 8 years of experience as network/system security engineering
- Ability to identify & propose solutions that improve security capabilities & drive operational efficiencies
- Proficient with common network, system and web application attack vectors and related mitigation strategies as well as the infrastructure
- Working knowledge of scripting languages (python preferred)
- Proficient in network protocols like TCP/IP, HTTPS, SSH, TLS, BGP, DNS, SNMP, 802.1X
- Proficient in firewalls, routers, proxies, load balancers, and UNIX-based systems
- Proficient in network security designs
- Proficient in security concepts and technologies such as IPS, VPNs, D/DoS
- Working knowledge of common web architectures and related security risks
- Proficient knowledge of large scale networks including architecture and security risks
- Proficient knowledge Windows based operating systems
- Undergraduate or Graduate degree in Networking, Computer Science or other computer-related specializations
- Ability to work well independently and in a team environment.
- Ability to work in a face paced and high-pressure environment.
- Ability to write technical specifications and operational documentation
Ideal candidates will have:
- Bachelor’s degree in Computer Science, Computer Engineering, Information Systems, or related field and/or 8+ years of equivalent work experience required
- Excellent analytical, troubleshooting & interpersonal skills
- Strong verbal and written communication skills
- Self-motivated and able to work independently
Effective communication skills to translate technical risks and exposures to a business perspective