Sauce Labs, a successful and rapidly growing startup, is a world class platform for continuous testing. We are looking for an experienced Information Security engineer as we expand our Security team to support a rapidly growing global private and public Cloud-based infrastructure. Can you effectively switch between many "security hats" throughout the day? Do you have a track record of mastering different information security skills? Do you love solving problems in uncharted territories?
Are you interested in working on a broad range of security projects for an organization that delivers the world's largest automated testing cloud for web and mobile applications? If so, then Sauce Labs could be a great fit for you and your career.
- Design, build, and maintain security controls in an agile, DevOps environment with an emphasis on automation.
- Act as trustworthy internal security consultant to advise, train, and enable others.
- Perform network-, application- and policy-level security assessments, including Cloud-hosted systems. (AWS, GCP, KVM)
- Recommend and implement technical, process, and policy changes to maintain appropriate security levels.
- Design, test, and deploy systems to improve security monitoring and response capabilities. Includes datacenter, public- and private-cloud environments.
- Create and maintain scripts and custom-built tools to automate routine security tasks and increase our security posture.
- Forensic analysis and incident response, including participating in on-call rotation schedule.
Successful candidates are exceptional at:
- Leading projects and delegating tasks across a diverse group.
- Communicating and successfully collaborating with internal customers.
- Constantly performing root cause analysis and making data-driven decisions.
- Striking the right balance between "security best practices" and "business agility".
- Learning new things quickly, making decisions without perfect information when necessary, and juggling multiple priorities effectively.
- Taking the initiative to identify opportunities and propose solutions to improve Sauce Labs's security posture.
- Staying current on system- and network-level security best practices, attacks, and countermeasures.
- Representing Information Security and communicating effectively with peers and management.
- Supporting the diverse needs of both Corporate IT and Production environments.
- Communicating complex technical concepts to both technical and non-technical audiences
- Building and maintaining productive working relationships with both onsite and remote staff.
Preferred skills include:
- Minimum 4-6 years work experience in an OPSEC, NETSEC, or DevOps security role.
- Strong Python, Perl or other scripting experience. YAML
- Solid familiarity with the TCP/IP protocol stack, Linux and Windows OSes, routers and firewalls.
- Experience with network- and host-based IDS/IPS, Web Application Firewalls, and load balancers.
- Experience with Sumo Logic/Splunk/SIEM.
- Experience securing images, containers, and Kubernetes.
- Experience with Ansible, SaltStack, Terraform and similar automation tooling
- Experience with vulnerability management and penetration testing.
- Working knowledge of OWASP web application security controls.
- Familiarity with encryption and key management systems.
- Cloud security best practices, including IaaS, PaaS, and SaaS.
- Strong written and verbal communication skills.
- BS or MS in Computer Science or equivalent experience.
- CISSP, CSSLP, GWAPT, SANS or other security certifications would be a plus