Staff Information Security Engineer at Lookout
Boston, MA, US
Lookout is the leader in mobile security, protecting the device at the intersection of the personal you and the professional you. Our mission is to secure and empower our digital future in a privacy-focused world where mobile devices are essential to all we do for work and play. We’re trusted by millions of consumers, enterprises, government agencies, and partners such as AT&T, Verizon, Vodafone, Microsoft, Google, and Apple. Headquartered in San Francisco, Lookout has offices in Amsterdam, Boston, London, Sydney, Tokyo, Toronto and Washington, D.C.
About the job:
You immerse yourself in all aspects of security. You are looking for an opportunity that will try your technical skills and challenge your creativity. You are ready to face a wide range of security questions, many of which have not been considered before. Production servers, networks, endpoint devices, and data are safe in your hands. You are a subject matter expert who wants to implement tactical solutions and contribute to innovative strategic solutions to big picture issues.
You’ll be tasked with improving security across all aspects of Lookout. The infrastructure, mostly in Amazon Web Services, will run complex highly security-sensitive services, at significant scale. You will be challenged every day.
Push the boundaries of security technology to create defenses for large scale production infrastructure and networks.
Provide subject matter expertise on network architecture and security controls
Perform security assessments of production and corporate cloud infrastructures
Define and implement network access control policies, automation and technical controls
Harden our infrastructure from attack
Define and implement innovative monitoring and alerting systems to enable detection of intrusions
Create services and tools to manage the security of our infrastructure
BS in Computer Science, Computer Engineering of Electrical Engineering
8 + years of practical experience with network security architecture design, including implementation of large scale networks in cloud infrastructure
Deep knowledge and hands on experience with AWS and AWS security controls (IAM, Lambda, Cloudtrail...). Multicloud experience (e.g. GCP) preferred.
Experience with threat hunting and day-to-day SIEM design and operation: ensuring that the necessary data to make decisions is fed to the tools, creating and tuning alerts and dashboards, incident response, creating runbooks. ELK SIEM experience preferred.
Experience with DevOps processes and tooling, including infrastructure-as-code.
Experience with writing and using network automation tools, and scripting languages (ruby/python preferred)
Experience with security tooling - vulnerability management; container, application and network level scanners: deploying, tuning and maintaining, and integrating with other systems (development systems, reporting and analytics systems)
Nice to have skills:
Experience with certificate lifecycle management, CA implementation and operation
Knowledge of and experience with container security architecture and tooling
Expert knowledge of Linux operating systems
Expert knowledge of cryptographic protocols
Software development experience, and deep familiarity with Secure Development Lifecycles and secure development tooling (static and dynamic analysis, component security)
Security Certifications are a plus
Familiarity with compliance frameworks and standards (FedRAMP, ISO27001, SOC2, etc.) is preferred