Replicon's Site Reliability Engineering (SRE) team has a focus on automating the smooth operation of Replicon's Cloud Platform. We strive to accomplish projects such as fully automating a continuous delivery process, building highly resilient infrastructure components, and introducing & practicing Chaos Engineering.
Senior Security Engineers are dedicated every day to making the Replicon Cloud Platform a digital "Fort Knox", in an automated, agile, fast-paced, continuous delivery world. They are able to identify areas where system security can be improved, prioritize those improvements, identify and remove bottlenecks to better security, and drive our security implementation forward. Senior Security Engineers evangelize the DevSecOps mindset in Replicon; the entire engineering organization is responsible for making a secure system, and Senior Security Engineers are responsible for enabling and empowering those teams. They are expected to constantly be learning and applying industry best-practices in the system and product security.
- Proactively find and remediate security risks in the entire organization, from the internal IT systems to the customer-facing web applications
- Take a leadership role to enact change; don't accept the way things are done today, we can always do better
- Design, deploy, monitor and action the findings of automated systems for security enhancement in a globally distributed enterprise web application
- Collaborate with the operations compliance team to meet and exceed the strictest compliance requirements for cloud system security
- Enable the product and infrastructure engineering teams to build our world-class cloud platform, while protecting internal and customer data
- Understands the principles of network, IT system, and web application security
- Deep understanding of networking & web technologies (TCP/IP, firewalls, HTTP, DNS, TLS/SSL, web services)
- Extensive experience with a Cloud-based infrastructure; strong preference for AWS
- Experience working with DevOps automation tools (eg. Docker, Terraform)
- Polyglot software development capabilities, for building and integrating new security systems, and for understanding working systems in a microservice architecture
- Working knowledge of applied cryptographic systems; TLS, encryption-at-rest, key management
- Familiar with Enterprise-level security protocols and methods such as web application firewalls, SSO & SAML, multi-factor authentication, federated identity
- Working experience with automated security toolings, such as vulnerability scanning, intrusion detection, and prevention