<link id='css--app'rel="stylesheet" href="/dist/css/app.min.css"> Opportunities – Trilogy

Opportunities

Staff Information Security Engineer at Lookout
Toronto, CA
Lookout is a cybersecurity company that makes it possible for individuals and enterprises to be both mobile and secure. With 100 million mobile sensors fueling a dataset of virtually all the mobile code in the world, the Lookout Security Cloud can identify connections that would otherwise go unseen -- predicting and stopping mobile attacks before they do harm. The world’s leading mobile network operators, including AT&T, Deutsche Telekom, EE, KDDI, Orange, Sprint, T-Mobile and Telstra, have selected Lookout as its preferred mobile security solution. Lookout is also partnered with such enterprise leaders as AirWatch, Ingram Micro and MobileIron. Headquartered in San Francisco, Lookout has offices in Amsterdam, Boston, London, Sydney, Tokyo, Toronto and Washington, D.C. To learn more, visit .

About the job:

You immerse yourself in all aspects of security.  You are looking for an opportunity that will try your technical skills and challenge your creativity.  You are ready to face a wide range of security questions, many of which have not been considered before.  Production servers, networks, endpoint devices, and data are safe in your hands. You are a subject matter expert who wants to implement tactical solutions and contribute to innovative strategic solutions to big picture issues.

Responsibilities:

You’ll be tasked with improving security across all aspects of Lookout.  The infrastructure, mostly in Amazon Web Services, will run complex highly security-sensitive services, at significant scale.  You will be challenged every day.

    Push the boundaries of security technology to create defenses for large scale production infrastructure and networks.
    Provide subject matter expertise on network architecture and security controls
    Perform security assessments of production and corporate cloud infrastructures
    Define and implement network access control policies, automation and technical controls
    Harden our infrastructure from attack
    Define and implement innovative monitoring and alerting systems to enable detection of intrusions
    Create services and tools to manage the security of our infrastructure

Requirements:

    BS in Computer Science, Computer Engineering of Electrical Engineering
    8 + years of practical experience with network security architecture design, including implementation of large scale networks in cloud infrastructure
    Deep knowledge and hands on experience with AWS and AWS security controls (IAM, Lambda, Cloudtrail...). Multicloud experience (e.g. GCP) preferred.
    Experience with threat hunting and day-to-day SIEM design and operation: ensuring that the necessary data to make decisions is fed to the tools, creating and tuning alerts and dashboards, incident response, creating runbooks.  ELK SIEM experience preferred.
    Experience with DevOps processes and tooling, including infrastructure-as-code.
    Experience with writing and using network automation tools, and scripting languages (ruby/python preferred)
    Experience with security tooling - vulnerability management; container, application and network level scanners: deploying, tuning and maintaining, and integrating with other systems (development systems, reporting and analytics systems)

Nice to have skills:

    Experience with certificate lifecycle management, CA implementation and operation
    Knowledge of and experience with container security architecture and tooling
    Expert knowledge of Linux operating systems
    Expert knowledge of cryptographic protocols
    Software development experience, and deep familiarity with Secure Development Lifecycles and secure development tooling (static and dynamic analysis, component security)
    Security Certifications are a plus
    Familiarity with compliance frameworks and standards (FedRAMP, ISO27001, SOC2, etc.) is preferred