Our mission.As the world’s number 1 job site, our mission is to help people get jobs. We need talented, passionate people working together to make this happen. We are looking to grow our teams with people who share our energy and enthusiasm for creating the best experience for job seekers.
The team.We are a rapidly growing and highly capable engineering team building the most popular job site on the planet. Every month, over 250 million people count on us to help them find jobs, publish their resumes, process their job applications, and connect them to qualified candidates for their job openings. With engineering hubs in Seattle, San Francisco, Austin, Tokyo and Hyderabad, we are improving people's lives all around the world, one job at a time.
Indeed is seeking a strong Cloud Security Engineer to drive continuous improvement to our information assurance posture using code to scale security solutions across the company.
This individual will have a passion for securing innovative products that scale to tens of millions of page views a day, with over 180 million unique visitors per month. The Cloud Security Engineer will interact with
stakeholders across all technical teams including Development, Quality Assurance, IT, Operations, and Product Management.
Our team of Cloud Security Engineers embeds with the SMB Hiring teams to guide them in maximizing feature velocity while achieving information assurance goals. The SMB Hiring team products are used by millions of Small and Mid-Sized companies globally receiving tens of millions of job applications per month all around the world. Globally, people count on our SMB teams to ensure Indeed’s employer products are available, fast, and working correctly to ultimately get people hired! Our work integrates with many teams across Indeed and requires highly technical, innovative, flexible thinkers with excellent communication and passion for delivering the best experience to help people get jobs.
The Cloud Security Engineer will be expected to perform some or all of the following:
- Work with other teams to identify, resolve, and mitigate vulnerabilities in their systems
- Evaluating or creating new technologies and services in order to solve complex security issues
- Perform design reviews and risk assessments for new applications integrating with core services
- Write software to detect, remediate, and enforce security standards in AWS
- Guide product engineering teams to adopt security standards directly in our software and development lifecycle
- Perform analysis of log files and data outputs and perform triage of incoming issues using a ticketing & tracking system
- Provide tuning recommendations of security tools based on the analysis of empirical data
- Produce and review daily and weekly metrics for security events
- Deployment and administration of endpoint security tooling
- Propose, design, and build new systems and processes
- Create and maintain documentation for new and existing processes and deployments
- Stay up-to-date with trends in the information security community including new vulnerabilities, methodologies, and products
- Cloud: Worked with AWS, understands VPC, Security Groups, EC2, S3,...(or equivalent cloud)
- Bachelor’s of Science degree in Computer Science, Engineering, Computer
- Security, Information Systems, or related field, OR comparable level of professional experience
- Experience with technologies from at least one public cloud (AWS, GCP, Azure)
- Experience with open source technologies like Git, Terraform, and Docker
- Experience in at least one programming language (Java, Python or Go)
- Run penetration testing, produce reports, and participate in code reviews, design discussions, etc.
- Large scale systems development is not required, but we do want this individual to be able to help and lead team, for example, to “add OAuth to their Service” and guide the team precisely on how to achieve it (work within the code, code review for correctness, etc) Example: They should be able to build a PoC application for the team that shows how to integrate and help merge the PoC with the real service
- Experience mentoring junior engineers
- Knowledge of attack vectors (malware, web application, social engineering, etc) and attack surfaces (ports, firewalls, incoming data
- processing, interfaces, etc.)
- Experience with open source technologies and environments
- Automation and scripting experience in Python or similar
- Hands-on experience with Linux, AWS, and network fundamentals
Preferred Additional Knowledge/Skills/Abilities:
- Strong competencies in data structures, algorithms, and software design
- Experience adopting security practices across an enterprise
- Experience with container orchestration and service mesh technologies like Kubernetes, Envoy, and Consul
- Master's degree
- Professional Security certifications: GIAC certifications, OSCP (Offensive Security Certified Professional), CISSP (Certified Information Systems Security Professional), SSCP (Systems Security Certified Practitioner), or comparable
Indeed is proud to be an equal opportunity employer, seeking to create a welcoming and diverse environment.
All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.