Senior Security Engineer

Veeva Systems Inc   •  

Columbus, OH

Industry: Enterprise Technology

  •  

5 - 7 years

Posted 55 days ago

At Veeva, we build enterprise cloud technology that powers the biggest names in the pharmaceutical, biotech, consumer goods, chemical & cosmetics industries. Our customers make vaccines, life-saving medicines, and life-enhancing products that make a difference in everyday lives. Our technology has transformed these industries; enabling them to get critical products and services to market faster. Our core values, Do the Right Thing, Customer Success, Employee Success, and Speed, guide us as we make our customers more efficient and effective in everything they do.


The Role


Veeva's Security Engineering Team is seeking Security Engineers with a wide range of technology experience to help keep Veeva secure and safe from attackers. Our team in Columbus is growing, and we want you to join us!

This role has a broad scope, ranging from Veeva's AWS services, infrastructure and processes, discovering weaknesses in Veeva's architecture, and working with various platform teams, third party testers and researchers to sharpers our detective and preventative capabilities. This role presents an ultimate test of one's security knowledge and ability, along with the support of a team of highly skilled individuals.

What You'll Do

  • A Security Engineer at Veeva is expected to be strong in multiple domains. Engineers in this role workclosely with teams throughout Security, such as the Threat Intelligence, Application Security and Security Operations teams, as well as provide technical leadership and advice to teams and leaders throughout Veeva. You will be in direct contact with numerous teams in a variety of business platforms, giving you firsthand knowledge about how Veeva is built and how it operates at a deep, technical level. Additionally, you will leverage the knowledge you gain about Veeva to find new ways to break software and processes throughout the company.
  • Engineers in this role must show exemplary judgment in making technical trade-offs between short-termfixes and long-term security and business goals. They must also demonstrate resilience and navigate difficult situations with composure and tact. Individuals in this role will be expected to provide thought leadership for the organization as you discover, invent and innovate throughout the course of their duties. Above all else, a strong sense of customer obsession is necessary to focus on the ultimate goal of keeping Veeva and its customers secure.
  • Participate in the deployment, design and configuration of security tools throughout Veeva with few limits and restrictions.
  • Conduct full cycle engagements with Veeva's platform teams independently, or as part of a team.
  • Tune and configure security tools to drive out the noise for reliable security information.
  • Participate in mitigation of active security incidents.
  • Communicate findings and discoveries to prioritize and execute remediation plans.
  • Coordinate with new platform teams with the automation of security tools.
  • Maintain security's AWS VPC, EC2 or other platforms.
  • Work with systems such as WAF, IDS/IPS, Cryptographic Management, DLP, AD, VMWare, Docker, IAM, RBAC, SSO, O-Auth, Carbon Black, Rapid 7, and other security tools.

Requirements

  • BS in Computer Science or related field, or equivalent work experience
  • 6+ years in an Information Security role, engineering, cryptographic, or similar
  • Advanced knowledge and understanding in various disciplines such as security engineering, system and network security, authentication and security protocols, cryptography, and application security
  • Experience with interpreted or compiled languages: PowerShell, Python, Ruby, Perl, PHP, C/C++, Java, C#
  • Experience with Redhat, AWS Linux, AWS Linux 2, Windows Server 2008, 2012, 2016 and 2019 etc.
  • Understanding of one or more standards: SANS Top 20, NIST 800-53, CIS, CSC and other security standards

Nice to Have

  • Master of Science in Cyber Security, Information Security, MIS or equivalent
  • Experience with cloud service providers and their offerings, preferably AWS and its various technologies and APIs
  • Industry security certifications such as CISSP, CEH or others
  • Experience in Wireless and Network assessment in enterprise infrastructure
  • Experience with HSM's, CA Root Authority, Certificate Management
  • Experience in Active Directory, Federated LDAP and SSO
  • Experience with Web Application Firewalls (WAF), IDS/IPS or other security platforms
  • Experience providing training and mentorship
  • Demonstrable teamwork skills and resourcefulness
  • Ability to make concrete progress in the face of ambiguity and imperfect knowledge

Perks & Benefits

  • Flexible PTO
  • Allocations for continuous learning & development
  • Health & wellness programs