Lookout is an integrated endpoint-to-cloud security company. Our mission is to secure and empower our digital future in a privacy-focused world where mobility and cloud are essential to all we do for work and play. We enable consumers and employees to protect their data, and to securely stay connected without violating their privacy and trust. Lookout is trusted by millions of consumers, the largest enterprises and government agencies, and partners such as AT&T, Verizon, Vodafone, Microsoft, Google, and Apple. Headquartered in San Francisco, Lookout has offices in Amsterdam, Boston, London, Sydney, Tokyo, Toronto and Washington, D.C.
About the job:
You immerse yourself in all aspects of security. You are looking for an opportunity that will try your technical skills and challenge your creativity. You are ready to face a wide range of security questions, many of which have not been considered before. Production servers, networks, endpoint devices, and data are safe in your hands. You are a subject matter expert who wants to implement tactical solutions and contribute to innovative strategic solutions to big picture issues.
You’ll be tasked with improving security across all aspects of Lookout. The infrastructure, in AWS and GCP, runs complex highly security-sensitive services, at significant scale. You will be challenged every day.
- Push the boundaries of security technology to create defenses for large scale production infrastructure and networks.
- Provide subject matter expertise on network architecture and security controls
- Perform security assessments of production and corporate cloud infrastructures
- Define and implement network access control policies, automation and technical controls
- Harden our infrastructure from attack
- Define and implement innovative monitoring and alerting systems to enable detection of intrusions
- Create services and tools to manage the security of our infrastructure
- BS in Computer Science, Computer Engineering of Electrical Engineering
- 5 + years of practical experience with network security architecture design, including implementation of large scale networks in cloud infrastructure
- Deep knowledge and hands on experience with AWS and AWS security controls (IAM, Lambda, Cloudtrail...). Multicloud experience in GCP preferred.
- Experience with threat hunting and day-to-day SIEM design and operation: ensuring that the necessary data to make decisions is fed to the tools, creating and tuning alerts and dashboards, incident response, creating runbooks. ELK SIEM experience preferred.
- Experience with DevOps processes and tooling, including infrastructure-as-code.
- Experience with writing and using network automation tools, and scripting languages (ruby/python preferred)
- Experience with security tooling - vulnerability management; container, application and network level scanners (developing, tuning and maintaining, and integrating with development and analytics/reporting systems)
- Experience with certificate lifecycle management, CA implementation and operation
- Knowledge of and experience with container security architecture and tooling
- Expert knowledge of Linux operating systems
- Expert knowledge of cryptographic protocols
Nice to have skills:
- Software development experience, and deep familiarity with Secure Development Lifecycles and secure development tooling (static and dynamic analysis, component security)
- Security Certifications are a plus
- Familiarity with compliance frameworks and standards (FedRAMP, ISO27001, SOC2, etc.) is preferred