Senior Security Engineer

Sauce Labs   •  

Virtual / Travel

Industry: Technical Services

  •  

5 - 7 years

Posted 53 days ago

Sauce Labs, a successful and rapidly growing startup, is a world class platform for continuous testing. We are looking for an experienced Information Security engineer as we expand our Security team to support a rapidly growing global private and public Cloud-based infrastructure. Can you effectively switch between many "security hats" throughout the day? Do you have a track record of mastering different information security skills? Do you love solving problems in uncharted territories?

Are you interested in working on a broad range of security projects for an organization that delivers the world's largest automated testing cloud for web and mobile applications? If so, then Sauce Labs could be a great fit for you and your career.


Responsibilities include:

  • Design, build, and maintain security controls in an agile, DevOps environment with an emphasis on automation.
  • Act as trustworthy internal security consultant to advise, train, and enable others.
  • Perform network-, application- and policy-level security assessments, including Cloud-hosted systems. (AWS, GCP, KVM)
  • Recommend and implement technical, process, and policy changes to maintain appropriate security levels.
  • Design, test, and deploy systems to improve security monitoring and response capabilities. Includes datacenter, public- and private-cloud environments.
  • Create and maintain scripts and custom-built tools to automate routine security tasks and increase our security posture.
  • Forensic analysis and incident response, including participating in on-call rotation schedule.

Successful candidates are exceptional at:

  • Leading projects and delegating tasks across a diverse group.
  • Communicating and successfully collaborating with internal customers.
  • Constantly performing root cause analysis and making data-driven decisions.
  • Striking the right balance between "security best practices" and "business agility".
  • Learning new things quickly, making decisions without perfect information when necessary, and juggling multiple priorities effectively.
  • Taking the initiative to identify opportunities and propose solutions to improve Sauce Labs's security posture.
  • Staying current on system- and network-level security best practices, attacks, and countermeasures.
  • Representing Information Security and communicating effectively with peers and management.
  • Supporting the diverse needs of both Corporate IT and Production environments.
  • Communicating complex technical concepts to both technical and non-technical audiences
  • Building and maintaining productive working relationships with both onsite and remote staff.

Preferred skills include:

  • Minimum 4-6 years work experience in an OPSEC, NETSEC, or DevOps security role.
  • Strong Python, Perl or other scripting experience. YAML
  • Solid familiarity with the TCP/IP protocol stack, Linux and Windows OSes, routers and firewalls.
  • Experience with network- and host-based IDS/IPS, Web Application Firewalls, and load balancers.
  • Experience with Sumo Logic/Splunk/SIEM.
  • Experience securing images, containers, and Kubernetes.
  • Experience with Ansible, SaltStack, Terraform and similar automation tooling
  • Experience with vulnerability management and penetration testing.
  • Working knowledge of OWASP web application security controls.
  • Familiarity with encryption and key management systems.
  • Cloud security best practices, including IaaS, PaaS, and SaaS.
  • Strong written and verbal communication skills.
  • BS or MS in Computer Science or equivalent experience.
  • CISSP, CSSLP, GWAPT, SANS or other security certifications would be a plus