Senior Security Engineer, PagerDuty

• The ideal candidate will come from a large enterprise environment focused on development of the Security Guardrails, Tool Integrations, and the SOAR space (Security, Orchestration, Automation and Response)
• Things that make you smile: Secure Infrastructure, systems, automation, analysis, coding, and cute animal memes
• 5+ years of experience as a full-stack Security Engineer in a cloud-native, micro-service SaaS, PaaS, or IaaS environment, preferably in AWS
• 3+ years of experience integrating security testing into SDLC processes and securing CI/CD pipelines
• Demonstrated experience in designing and building API-driven integrations favoring no code/low code solutions where feasible
• Demonstrated experience building Security Orchestration, Automation, and Response (SOAR) playbooks
• Ability to design, implement, monitor, and operate security logging and alerting toolsets
• Technical stack experience required to be successful in this role:
• AWS Security (GuardDuty, CloudTrail, Secrets Manager, EKS/ECR, IAM family, Config), Vulnerability management (Qualys/Nessus, Wiz, Snyk), SIEM (SumoLogic or Splunk), Container Security, CI/CD Discipline (Helm, Terraform, Chef, Kubernetes (EKS)), Security Incident Response & Risk Management
• 4+ years of experience and proficiency in at least one programming language and framework (e.g. Python, Bash, Phoenix/Elixir, Java, Ruby on Rails)
• Have exceptional written, oral communication, and interpersonal skills
• Organizational skills with ability to successfully manage multiple priorities and deadlines
• Strong appetite for challenging problems with a high degree of ownership

Desirable

• PagerDuty is seeking a Senior Security Engineer (Security Automation) to join our diverse, customer-focused team
• As a Senior Security Engineer, you will be a key contributor to leading security initiatives supporting the PagerDuty SaaS offerings through designing security tool implementations, security process improvements, and increasing security operational capacity through automation and orchestration
• Since we own and operate what we build, you’ll collaborate closely with engineers across many product development teams
• You will work closely with our internal development teams to ensure we deliver secure, highly reliable, and scalable solutions to our customers
• This is an exciting opportunity to build lovable security solutions that make developers and customers happy
• Embrace the role of hands-on technical lead in designing security automations, tool integrations, and security relevant alerting to support product and infrastructure guardrails, vulnerability management, and incident response activities
• Mentor and help guide team members to scope upcoming projects and support agile approaches to work management
• Foster a strong writing culture through creation of accurately scoped project charters and design documents
• Define and plan work at the multi-team level, contributing to roadmap and annual planning discussions
• Collaborate with Compliance and Product Development teams to build a robust vulnerability management program using automations and workflows to drive timely remediations, with focus on increasing visibility with reporting and metrics
• Work with loosely defined requirements where you exercise your analytical skills to clarify questions, share your approach, and collaborate with the rest of the team to build/test elegant solutions
• Participate in our team’s On-Call rotation, triaging and addressing security issues as they arise, and implement measures to prevent future occurrences
• Monitor, support, and maintain 1st party and 3rd party security tools supporting guardrail implementations, compliance automation, incident response, and vulnerability management
• Partner with peer security teams to implement controls that detect and alert on deviations from established policies or standards