We are in search of a Sr SRE Security Engineer to join our IT Security Team. This pivotal role entails close collaboration with the Site Reliability Engineering (SRE), Network, and Operations teams aimed at elevating our security posture.
Reporting directly to the IT Security Manager within the Information Security Department, the Sr SRE Security Engineer will also be an essential component of the SRE team, concentrating on all facets related to security.
As a Sr SRE Security Engineer, you should embody initiative, holding a fervent enthusiasm for both on-prem and cloud security while flourishing in the arena of vulnerability remediation and security troubleshooting.
Your role will encompass providing operational support for Vulnerability Management and the associated remediation procedures.
Our IT Security Team is engaged in identifying, assessing, and mitigating threats, vulnerabilities, and correlated risks pertaining to DoubleVerifys information assets and resources.
Leveraging your technical skills, you will navigate across major public clouds and our global data centers, employing best-of-class tools to oversee and redress vulnerabilities.
Reporting directly to the IT Security Manager within the Information Security Department, the Sr SRE Security Engineer will also be an essential component of the SRE team, concentrating on all facets related to security.
As a Sr SRE Security Engineer, you should embody initiative, holding a fervent enthusiasm for both on-prem and cloud security while flourishing in the arena of vulnerability remediation and security troubleshooting.
Your role will encompass providing operational support for Vulnerability Management and the associated remediation procedures.
Our IT Security Team is engaged in identifying, assessing, and mitigating threats, vulnerabilities, and correlated risks pertaining to DoubleVerifys information assets and resources.
Leveraging your technical skills, you will navigate across major public clouds and our global data centers, employing best-of-class tools to oversee and redress vulnerabilities.
Requirements:
Experience with building, configuring, and managing patch management tools.7+ years as a Security Engineer \ SRE \ DevOps engineer with a passion for security and doing things right.
4-6 years of related experience in vulnerability management and remediation
Hands-on Experience with patching and hardening Linux, Windows, and ESXi servers is essential.
High proficiency within cloud environments – with a preference for GCP and AWS.
Proficiency in automation and configuration management tools (e.g Ansible,Terraform, Puppet).
Proficiency in scripting languages, including Bash, Python and/or PowerShell.
1-2 years developing playbooks, runbooks, and troubleshooting technical issues.
Ability to grasp new technologies quickly and prioritize and multitask on multiple responsibilities
Effective documentation skills, including technical diagrams and written descriptions.
Experience analyzing vulnerabilities and adjusting the risk rating/severity dependent on internal factors.
Experience defining Operating System Baseline Configuration standards such as the Center for Internet Security (CIS) Critical Security Controls Scanning within various scanning technologies and working with appropriate teams to remediate and report on the results.
Proficient in firewall management, with hands-on experience in configuration and optimization to ensure network security.
Familiarity with ITSM solutions, including platforms like Jira and Freshdesk.
Clear communication and collaboration abilities for cross-functional teamwork.
Critical thinking and ability to balance security requirements with mission needs.
Exceptional organizational skills demonstrated through adept autonomy, independent work, collaborative teamwork, and an unwavering professional demeanor. This extends to adept tracking and comprehensive reporting of work and time allocations.
Bonus Points:
Certifications from cloud vendors, as well as esteemed organizations like CISSP, CISM, or CISA, will be regarded favorably.
Experience with building, configuring, and managing patch management tools.7+ years as a Security Engineer \ SRE \ DevOps engineer with a passion for security and doing things right.
4-6 years of related experience in vulnerability management and remediation
Hands-on Experience with patching and hardening Linux, Windows, and ESXi servers is essential.
High proficiency within cloud environments – with a preference for GCP and AWS.
Proficiency in automation and configuration management tools (e.g Ansible,Terraform, Puppet).
Proficiency in scripting languages, including Bash, Python and/or PowerShell.
1-2 years developing playbooks, runbooks, and troubleshooting technical issues.
Ability to grasp new technologies quickly and prioritize and multitask on multiple responsibilities
Effective documentation skills, including technical diagrams and written descriptions.
Experience analyzing vulnerabilities and adjusting the risk rating/severity dependent on internal factors.
Experience defining Operating System Baseline Configuration standards such as the Center for Internet Security (CIS) Critical Security Controls Scanning within various scanning technologies and working with appropriate teams to remediate and report on the results.
Proficient in firewall management, with hands-on experience in configuration and optimization to ensure network security.
Familiarity with ITSM solutions, including platforms like Jira and Freshdesk.
Clear communication and collaboration abilities for cross-functional teamwork.
Critical thinking and ability to balance security requirements with mission needs.
Exceptional organizational skills demonstrated through adept autonomy, independent work, collaborative teamwork, and an unwavering professional demeanor. This extends to adept tracking and comprehensive reporting of work and time allocations.
Bonus Points:
Certifications from cloud vendors, as well as esteemed organizations like CISSP, CISM, or CISA, will be regarded favorably.
This position is open to all candidates.
