Work with Software Development, Business Analyst, and Infrastructure teams to make the right security decisions with respect to identified flaws and vulnerabilities and current/future application architecture.
What you’ll be doing:
- Conducting security reviews – from high-level web application architecture to OS level parameters in order to meet security goals
- Proactively identify security flaws and vulnerabilities, and exercise risk-based judgment in influencing teams to mitigate vulnerabilities
- Work with Software Development, Business Analyst, and Infrastructure teams to make the right security decisions with respect to identified flaws and vulnerabilities and current/future application architecture
- Evaluate the impact to the organization of current security trends, advisories, and publications
- Ensure current practices comply with security policies
- Recommend/implement changes to security policies and practices to improve the security posture of the company
- Work with partners to ensure requested security requirements are feasible for Kabbage
- Complete needed documentation for compliance (partner security requirements, SOC, etc.)
- Maintain the corporate and production infrastructure including networks, servers, load balancing, firewalls, DNS, and AD
- Set up and configure application stacks to run the Kabbage applications and supporting systems such as Hadoop and ELK
- Design and implement things like configuration management, networks, smart load balancing, and web caching
- Troubleshoot hardware and software and deliver top-notch support
- Provide mentoring to other engineers in technical skills, service delivery and ping pong
- Participate in the team on-call rotation
- Work with the development/engineering teams creating the Kabbage web apps to ensure the apps scale to predicted demand
- Review current implementations/designs, recommend improvements to support explosive growth, and implement said improvements
- Help the team evolve current processes with an eye towards automating the repetitive tasks so the humans can focus on solving the hard problems.
What we're looking for in you:
- Strong Linux experience
- Experience in system administration and security hardening of at least Linux servers; Window server hardening a plus,
- Experience with security and monitoring tools
- Experience building and administering VPNs
- Experience with open source technologies such as cephFS, Nginx, Docker is a plus
- Fundamental knowledge of corporate and web networking and load balancing (Cisco, F5, etc.)
- Fundamental knowledge of web serving technologies and approaches (HTTP, TLS/SSL, Nginx, IIS, Apache, etc.)
- An understanding of web application stacks and how to scale them
- Experience working in a fast paced environment
- Experience working with hosted service and cloud providers such as AWS, Peak10
- Self motivated, as you will be part of a small team
- A positive “can do” attitude
- A constant drive to improve the experience of our users and our internal processes: "How can I make things better?"
- Initiative and problem solving skills: If you don’t know how to do something you consider it a challenge to try to figure it out for yourself
- The ability to balance and prioritize multiple projects and remain calm under pressure.
What you should have:
- Proactivity: Resourceful, has grit, and a positive “can do” attitude; acts without being told what to do.
- Flexibility/adaptability: Is cool with rapidly changing priorities and projects.
- Follow-through: Follows-through on items without being managed.
- Calm under pressure: Ability to navigate and lead the team through high-priority last minute requests and other high stress situations; Works well under high-pressure timelines.
- Analytical skills: Likes learning and learns quickly.
- Communication: Ability to speak clearly and with intent.