Senior Security Engineer

Brivo is seeking a Senior Security Engineer to help us build amazing features for the next ten million users on our security-oriented IoT platform. With a 15+ year record of innovation and industry leadership, we are a self-sustaining high-growth company that develops both the software and connected device components of our service offering. Currently serving over 40,000 B2B clients worldwide with a significant push toward further international expansion. Your mission will be to work alongside the Engineering and DevOps teams in an Agile environment to update our CI pipelines with security best practices as well as ensuring perimeter security of our applications.

In this role you are expected to:

• Work closely with the Operations team to support 24/7/365 multi-cloud operations, provide maximum uptime and security, and expand operations to additional cloud regions and providers.
• Work closely with developers to guide on secure coding practices and also assist in remediation of security findings.
• Implement new security tools and systems based on InfoSec policies
• Evaluate security tooling implementation; recommend and deploy enhancements
• Maintain development and production environments for engineering teams
• Provide knowledgeable, confident high-level support within the organization to resolve internal and external customer issues
• Assist in developing, implementing and enforcing policies to enhance physical, network and system security
• Commitment to continuous learning and improvement of development and quality strategies
• Recommend technical security policies and consult with development teams on remediations
• Liaise with engineering organization to ensure adherence to secure development practices
• Foster and evangelize DevOps culture and product ownership amongst engineering teams
• Mentor junior engineers in developing and implementing infrastructure changes that align with security best practices
• Take ownership of the Incident Response process and advise/design improvements to security incidents
• Participate in an on-call rotation as responder

About You

• 5+ years of experience in infrastructure or security engineering
• Very strong in-depth hands-on experience with Amazon Web Services, including: EC2, IAM, Load Balancers, S3, RDS, VPC, Lambda, KMS, API Gateway, Elasticsearch, GuardDuty, securityHub, and Inspector
• Experience with the following:
  • Docker, Kubernetes and container orchestration knowledge from a security standpoint
  • Working in a fast-paced 24/7 operations shop - responding to and identifying potential and active issues and determining a course of action
  • Designing, implementing, and supporting service provider (xSP, SaaS, IaaS, PaaS, MBaaS, etc.) environments
  • Continuous Integration and Continuous Delivery using Jenkins or similar CI tooling
  • Terraform, CloudFormation or other Infrastructure management software experience
  • Scripting in Python, Bash or similar
• Strong understanding of security solutions or activities such as:
  • IDS/IPS solutions, WAF, SAST/DAST, Malware/Antivirus
  • Knowledge of Penetration Test tooling and remediation
  • Implement safeguards for network security including perimeter and lateral movement
  • Run recurring security scans and develop remediation plans
• Experience with the fundamentals of the following/similar:
  • OWASP, APTs and anti-ransomware strategies
  • SOC-2, ISO27001 and other auditing techniques

The total compensation package for this full-time position includes a salary range of $120,000 - $160,000. Individual compensation packages are based on factors unique to each candidate, including job-related skills, experience, qualifications, work location, training, and market conditions. In addition to cash compensation (includes base salary and, where applicable, may include incentive or overtime pay), Brivonians are eligible for benefits & perks (www.brivo.com/about/careers) based on their work locations.
 

About Us

Brivo, Inc., created the cloud-based access control and smart spaces technology category over 20 years ago and remains the global leader serving commercial real estate, multifamily residential, and large distributed enterprises. The company’s comprehensive product ecosystem and open API provide businesses with powerful digital tools to increase security automation, elevate employee and tenant experience, and improve the safety of all people and assets in the built environment. Brivo’s building access platform is now the digital foundation for the largest collection of customer facilities in the world, protecting over 600 million square feet across 60+ countries. Brivo is privately held and headquartered in Bethesda, Maryland. Learn more at www.Brivo.com

Brivo is an Equal Opportunity/Affirmative Action Employer.