Security Engineer, Cloud Services

Headquartered in the United States, TP-Link Systems Inc. is a global provider of reliable networking devices and smart home products, consistently ranked as the world’s top provider of Wi-Fi devices. The company is committed to delivering innovative products that enhance people’s lives through faster, more reliable connectivity. With a commitment to excellence, TP-Link Systems serves customers in over 170 countries and continues to grow its global footprint.

We believe technology changes the world for the better! At TP-Link Systems Inc., we are committed to crafting dependable, high-performance products to connect users worldwide with the wonders of technology. 

Embracing professionalism, innovation, excellence, and simplicity, we aim to assist our clients in achieving remarkable global performance and enable consumers to enjoy a seamless, effortless lifestyle. 

Overview:

The Security Engineer, Cloud Services focuses on safeguarding web applications, cloud services, and associated infrastructure. Key responsibilities include conducting penetration tests, managing security incidents, and performing regular AWS security audits to ensure compliance and best practices. The role also involves handling customer-reported vulnerabilities, developing security policies, and analyzing threats and vulnerabilities to mitigate risks effectively. Collaboration with development teams is essential, with a focus on integrating security into DevOps processes. Additionally, the engineer will deliver security awareness training to foster a culture of security across the organization.

Key Responsibilities:

• Web and Cloud Penetration Testing: Responsible for conducting penetration tests on web applications and cloud services to assess and enhance security performance.
• Incident Response: Respond promptly to security incidents, conducting investigations, containment, remediation measures, and post-incident analysis.
• Cloud Auditing: Perform regular security audits of AWS environments to ensure adherence to best security practices and compliance with industry standards.
• Customer-Reported Vulnerability Handling: Manage security vulnerabilities reported by customers, provide remediation recommendations, and track the R&D team's progress on fixes.
• Security Documentation and Standards: Develop, maintain, and update comprehensive security policies and procedures. Document all security incidents and their mitigation measures.
• Threat and Vulnerability Analysis: Conduct regular assessments to identify, analyze, and mitigate security risks and vulnerabilities across systems, networks, and applications.
• Collaboration with Development Teams: Work closely with development and operations teams to integrate security practices into DevOps processes, including automating security testing and vulnerability scanning.
• Security Awareness Training: Collaborate with teams to develop and deliver security awareness training to employees, ensuring best practices are followed to mitigate insider threats.

Requirements

Required Qualifications:

• Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent work experience). 
• Proven experience serving as a Security Engineer or in a similar position. 
• Extensive experience in cloud penetration testing, with a special focus on AWS environments. Proficient in identifying and exploiting vulnerabilities, and familiar with common penetration tools such as Burp Suite, Kali Linux, and Metasploit. 
• In-depth understanding of AWS, including configuration, security management, and best practices. Capable of applying this knowledge to daily security management and auditing tasks to ensure compliance and enhance security posture. 
• Practical experience in cloud auditing, with the ability to assess and optimize security frameworks within cloud infrastructures. Familiar with tools and methodologies needed to conduct thorough security assessments and audits. 
• Proficient in scripting or programming languages such as Python, able to write Proof of Concept (PoC) or exploit scripts to validate and exploit security vulnerabilities. 
• Possession of relevant security certifications such as CISSP, CEH, or OSCP is preferred. 
• Cloud security certifications like AWS Certified Security – Specialty or Google Cloud Certified - Professional Cloud Security Engineer are a plus. 
• Able to communicate technical and non-technical information clearly with clients and team members. 
• Able to work independently while closely collaborating with security and development teams. 
• Demonstrates meticulous attention to detail when performing security testing and remediation work, ensuring all security vulnerabilities are properly addressed. 

Soft Skills:

• Excellent communication and interpersonal skills.
• Ability to work independently as well as collaborate with cross-functional teams.
• Strong attention to detail and commitment to maintaining high-security standards.

Benefits

Salary range: $140,000 - $190,000

• Free snacks and drinks, and provided lunch on Fridays
• Fully paid medical, dental, and vision insurance (partial coverage for dependents)
• Contributions to 401k funds
• Bi-annual reviews, and annual pay increases
• Health and wellness benefits, including free gym membership
• Quarterly team-building events

At TP-Link Systems Inc., we are continually searching for ambitious individuals who are passionate about their work. We believe that diversity fuels innovation, collaboration, and drives our entrepreneurial spirit. As a global company, we highly value diverse perspectives and are committed to cultivating an environment where all voices are heard, respected, and valued. We are dedicated to providing equal employment opportunities to all employees and applicants, and we prohibit discrimination and harassment of any kind based on race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. Beyond compliance, we strive to create a supportive and growth-oriented workplace for everyone. If you share our passion and connection to this mission, we welcome you to apply and join us in building a vibrant and inclusive team at TP-Link Systems Inc.