Ref#: R0007789

Our mission.

As the world’s number 1 job site, our mission is to help people get jobs. We need talented, passionate people working together to make this happen. We are looking to grow our teams with people who share our energy and enthusiasm for creating the best experience for job seekers.

The team.

We are builders, we are integrators. Tech Services creates and optimizes solutions for a rapidly growing business on a global scale. We work with distributed infrastructure, petabytes of data, and billions of transactions with no limitations on your creativity. You don’t have to wait for some architect or manager to tell you what you can work on - you decide the priorities. With tech hubs in Seattle, San Francisco, Austin, Tokyo and Hyderabad, we are improving people's lives all around the world, one job at a time.

Your job.

Indeed is seeking a Senior Security Engineer who is fired up about providing data-center security solutions to secure innovative products that scale to tens of millions of pageviews a day, and over 200 million unique visitors per month. 


The Senior Security Analyst will interact with stakeholders across all technical teams: Development, Quality Assurance, IT, Operations, and Product Management to design, implement and manage the security infrastructure for our customer-facing and employee-facing data centers.  This is an exceptional opportunity to secure one of the most visited web properties in the world.


Responsibilities

  • Evaluate, architect, build, and support security infrastructure that detects and responds to threats, including IPS, WAF, UTM, SIEM, NAC, and NSM systems.
  • Provide network and infrastructure security expertise during responses to security incidents.
  • Act as the point of escalation for network security systems, to ensure their uptime and availability.
  • Work with Security teammates to sustain and improve our SIEM and network security monitoring functions.
  • Work with your Indeed colleagues in Tech Services and beyond, to bring new benefits to our jobseekers, while continuously improving our security posture. This means staying informed of new infosec threats, identifying and piloting risk-reduction and mitigation technologies, and then collaborating to get these protections into production without downtime.
  • Enhance the analysis of vulnerability data and improve upon remediation strategies.
  • Perform forensic infosec investigations in the customer-facing network, to identify attack vectors and mitigation tactics. 
  • Ensure that communications among data-center security devices are adequately and properly secured, using standard encryption technologies. 
  • Collaborate with technical teams to identify, resolve, and mitigate vulnerabilities.
  • Spread security awareness through tech talks, lunch and learns, and community involvement. Perform ethical hacking against systems on the network. 
  • Other tasks as assigned

About you.

Demonstrated ability to:

  • Provide full lifecycle engineering and management of enterprise-scale security infrastructure. This is everything from R&D to implementation, to support handover and documentation. 
  • Work with Network and Systems Engineers, and management, to maintain the velocity of application deployments to data centers, while providing innovative security solutions.  
  • Innovate in melding open-source, proprietary, and cloud-based security technologies for a custom-fit security solution for your organization. 
  • Harden system and network configurations (in a LAMP stack) to be resilient against attacks. Experience with open source technologies and environments.    

Qualifications:

  • Bachelor of Science degree in Computer Science, Engineering, Computer Security, Information Systems, or related field.
  • Minimum three (3) years of prior hands-on experience in one or more of the following: Monitoring host-based and network-based IPS and/or Web Application Firewalls (WAFs) in a distributed global environment. 
  • A complete understanding of the network engineering foundations of data center security.  Knows the TCP stack like the back of their hand.  
  • Knowledge of attack vectors (malware, web application, social engineering, etc). 
  • Experience with incident response and handling. 
  • Aggregating and correlating alerts from highly distributed networks and systems into a SIEM or analytics tool to provide context, environmental awareness, baselines, and root cause analysis. 
  • Tuning security monitoring tools to focus on the alerts and events that pose the greatest risk. Investigating compromised systems, malware, rootkits, packet captures, and security incidents. 
  • Implemented and supported security monitoring devices preferred 
  • Automation and scripting in Python or Perl preferred
  • Previous Unix/Linux System Administration experience a plus.
  • Served on 24x7 Security Operations Center preferred 
  • Accredited certifications desirable, e.g.: CISSP

Indeed provides a variety of benefits that help us focus on our mission of helping people get jobs. View our bounty of perks: http://indeedhi.re/IndeedBenefits