CareersHelp Build the Open Cloud

Security Engineer

US
Remote

Joyent, a Samsung subsidiary, is a high-performance cloud infrastructure company built to power real-time web and mobile applications.

Joyent is currently seeking a Security Engineer who will be responsible for providing security architecture design and implementation, coordinating information security efforts within the company, and identifying security initiatives and standards for safeguarding information assets held by Joyent. This will involve interacting with and working closely with business managers, the executive management team and peers.

The Security Engineer is involved with establishing, implementing and maintaining enterprise and cloud information security tools, which includes procedures and policies designed to adequately protect enterprise communications, systems and assets from both internal and external threats. A key element of this role is working with interdisciplinary technical teams within Joyent to mitigate excessive levels of risk for the organization. They must be highly knowledgeable about the business environment and must ensure that information systems are maintained in a fully functional, secure state.

Do this

  • Architect, develop and document industry best practices to support company initiatives while meeting performance and availability requirements.
  • Collaborate with Product, Operations and Engineering organizations to understand requirements and develop security specifications around project initiatives.
  • Research new security technologies and adopt suitable best practices to solve industry obstacles and security threats.
  • Provide technical leadership within the area of expertise and mentor security staff.
  • Insuring confidentiality, availability and integrity of cloud information systems and processes across the cloud infrastructure.
  • Audit all existing security standards: to include engineering designs, implementation, and guidelines.
  • Handles operational problem escalations and vendor concerns related to security.
  • Deploy and maintain internal security systems such as IDS/IPS, SIEM, WAF, FIM, DDOS and vulnerability scanners.
  • Work with business colleagues to review RFPs, RFIs etc., and provide security and risk-related input into proposals.
  • Monitor the external threat environment and information security trends while keeping business leadership informed about information security-related issues and activities potentially affecting the organization.
  • Serve as the information security subject matter expert for the Incident Response team and handle escalations of any possible incidents impacting the company.
  • Provide guidance on prioritization and remediation of security issues.
  • Some travel may be required.

Have that 

  • Must have a solid overall understanding of information technology and information security practices and trends.
  • Hands-on Public Cloud experience – One or more of AWS, Azure, GCP.
  • Provide expertise and guidance to junior engineers in the deployment of security tools.
  • Passionate about automation, performance, reliability, visibility, and finding creative solutions to complex security issues.
  • Must be an intelligent, articulate and persuasive leader who can serve as an effective member of the team and who is able to communicate security-related concepts to a broad range of technical and non-technical staff.
  • Understanding of networking concepts such as BGP, VRF and MPLS. 
  • Ability to work with cross-functional, interdisciplinary teams to achieve tactical and strategic information security goals.
  • Experience with security frameworks to include ISO, HIPAA, PCI, HITRUST NIST
  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
  • Demonstrable knowledge of cryptographic concepts and techniques, including encryption, hashing, and key management.
  • Knowledge of Cloud-unique security risks, API security vulnerabilities and remediation measures.
  • Solid understanding of network routers, switches and firewalls. Experience Juniper and Arista equipment preferred.
  • Well versed in security hardening for Linux hosts, services, applications, web applications, and database applications.
  • Experience using a scripting language for administration, monitoring and automation such as python and bash.
  • Proficient in Linux.
  • Experience with ansible.
  • Experience with open source tooling used to secure resources.
  • Strong attention to detail, organizational skills, problem solving, troubleshooting and documentation skills.

Experience/Education

  • Minimum 1 year of experience in an information security engineering role.
  • Bachelor’s degree in information technology or related field, or equivalent experience.
  • Advanced degree in a technology related field is a plus.
  • Technical security related certifications are a plus:
  • Industry Certifications – e.g. GIAC certs and/or CISSP.

About Joyent

Joyent, a wholly-owned subsidiary of Samsung, is the open cloud company. Joyent builds technology, at the pinnacle of scale, performance, stability, and security to accelerate the transformation toward the mobile and cloud-centric world. Joyent designs, builds and manages market competitive cloud computing solutions and services for Samsung Electronics and its partners at global scale.

How To Apply

To apply, please submit a brief introduction, a copy of your resume, and a link to your Github or LinkedIn profile to jobs@joyent.com with Security Engineer in the subject. Qualified applicants with criminal histories will be considered for the position in a manner consistent with the Fair Chance Ordinance.

View All Open Positions at Joyent

Opt In to the Joyent Newsletter

Our regular newsletter includes Joyent product information, upcoming vidoes, blogs and content.