DevOps Security Engineer

ABOUT THE ROLE:

OneLogin brings speed and integrity to the modern enterprise with an award-winning single sign-on (SSO) and cloud identity management platform.  Our portfolio of solutions secures connections across all users, all devices, and every application, helping companies drive new levels of security, and efficiency across all applications. With a powerful business platform and an award winning company culture,  OneLogin manages and secures millions of identities around the globe. We are headquartered in San Francisco, California, with offices in Mexico and Europe. For more information, visit www.onelogin.com, Blog, Facebook, Twitter, or LinkedIn.

ABOUT THE ROLE:

As a Security First company and an AWS Security Competency Partner, OneLogin adheres to the Security Pillar of the Well Architected Framework in our cloud-native environment and we are committed to implementing efficient and effective security controls. In this role you’ll work directly with Engineering and Security teams to support the design, build, implementation, and maintenance of our security infrastructure. You will be trusted and counted upon to achieve roadmap goals on a quarterly basis and to set a high standard for process and operations. When you are successful, you will be given credit and recognition for advancing our shared security maturity and number one corporate value.

ABOUT YOU:

You are a modern technical security practitioner, and you value efficient and effective security measures. You have a strong desire to learn, and are excited to pick up new skills and technologies. You aren’t afraid to ask for help and appreciate a candid and supportive team. You enjoy solving difficult problems, and make use of metrics, monitoring, and testing to help you understand the inner workings of a system. You’re excited to work closely with people throughout the organization, from close teammates to members of ops, and service team members.

• 2-4 years relevant experience
• Experience in systems administration, security devops processes, system hardening, IAM, guardrails and service control policies within cloud computing environments
• Familiarity with the most common and impactful threats and security risks affecting cloud based services
• Experience with AWS, Linux, containers, deployment frameworks (Terraform, Puppet, GitHub)
• Familiarity with AWS IAM and security tooling (AWS Organizations, ControlTower, Service Catalog, StackSets, Security Hub, WAF, etc.)
• Knowledge of container technologies, secrets management solutions, networking strategies
• Experience with domain and communication security, bash, and automation using script based languages (Python, Javascript, bash, JSON, YAML, etc)
• Self-directed and comfortable supporting the automation needs of multiple teams, systems, and products.
• Basic understanding of HTTP and application security vulnerabilities such as the OWASP Top 10, or issues you may encounter in a penetration testing report is a plus

Our core values:

• Security First - We make it our #1 priority to protect data and privacy. From the way we do our work to the technology we provide, security is top of mind.
• Customer Focused - We design for, listen to and partner with customers to come up with smart solutions that drive business value.
• Collaborative - We take bold steps and work together to thrive across boundaries. We drive productivity as we grow as one team.
• Accountable - We get things done and take ownership in our work. Showcasing consistent quality and pride to perform at the highest levels.
• Creative - We embody creativity in everything we do. We embrace diversity of ideas. We execute with ingenuity, flexibility, and agility.