Want to improve this content? Edit this content
Senior Security / SecOps Engineer @ Wavo

Job description

Wavo is looking for Senior Security / SecOps engineers to join our Foundation (DevSecOps) team. 

Digital advertising, technology, & data are changing the way artists & brands approach advertising. With Wavo you will get the rare chance to create products and services that will be used by today’s top artists, managers and brands to help them grow their business through Wavo’s advertising, analytics, and business automation products.

Wavo’s engineering team is small and efficient, and while we work to a high standard we don’t over-manage with specs. We strive to build a workplace where everyone works hard and gets passionate about the big challenges.

We can promise you will never be bored. We are constantly experimenting, testing new approaches and challenging ourselves to master new skills. We try to think outside of the box and build an environment that’s both exciting and meaningful. 

Responsibilities: 

  • Collaborate with other engineers and service teams to build security into the foundations of the application and services from the very beginning, creating enhanced protections that make our application and services more difficult to compromise.
  • Compliance monitoring – be ready for an audit at any time (which means being in a constant state of compliance, including gathering evidence of ISO 27001 compliance, SOC2 compliance, etc.).
  • Encourage adherence to secure practices within the organization in order to foster the development of secure applications and services with increased efficiency and frequency. Replace silos and separation of departments with open and honest communication.
  • Security training – train engineers,  HR, and our service teams with guidelines for set routines, and processes that ensure security, compliance, and availability of our services.
  • Bridge traditional gaps between IT, and security while ensuring fast, safe delivery of code, and services.
  • Automate security audits: In alignment with lean practices in agile, implement security testing in iterations without slowing down delivery cycles.
  • Continuously monitor, attack and determine defects before non-cooperative attackers might discover them.
  • Threat investigation – identify potential emerging threats and be able to respond quickly.
  • Vulnerability assessment – identify new vulnerabilities, then analyze how quickly they are being responded to and patched.

Job requirements

You might be a good fit if you:
  • Have 5+ years of experience as a Senior Security or Senior Cyber Analyst.
  • Have 2+ years of security operations experience
  • Have in-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
  • Have experience developing automation/orchestration and process for improvements to daily security operations.
  • Have experience with AWS services related to compute, storage, networking & content delivery, as well as Security, Identity & Compliance.
  • Experience with cloud orchestration components, deployments, and continuous integration tools such as Terraform, Kubernetes, and CircleCi.
  • Are passionate about working on systems that are highly reliable, maintainable, and scalable
  • Are a good communicator and enjoy interacting with people
  • Enjoy being part of a highly collaborative, remote-first team
  • Are comfortable having ownership and control of a project.

 

Also…
  • Our DevSecOps team will be working closely with our team to make sure all our corporate endpoints are secure, and properly used, therefore having experience monitoring corporate endpoints (UEM, EMM, MDM) is important
  • Today we use Node.js, and Javascript for most of our code, so having experience as an application developer using JavaScript frameworks is a huge plus
  • Our architecture and the projects are all based around micro-services, therefore having experience monitoring distributed micro-services is a plus.
  • Having experience in ad-tech, machine learning, or big data is a plus.
  • Having (at least) one recognized security certification (e.g. CISSP, CEH, OSCP, CCSP, Security+ Certifications) is a plus
  • Finally, being data-driven being one of the company’s value, having experience with creating rules & dashboards to alert on threat actors and trends is a plus as well. 

Benefits

  • Competitive compensation based on experience
  • Competitive Equity
  • Group health and dental insurance plan
  • Flexible hours and vacation
  • Free tickets to shows and festivals
  • Company outings & activities
  • A dynamic work environment
  • Being a part of innovation at the nexus of music, marketing/advertising, and technology

 

Equal Opportunity Employer 

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

 

Active: Yes
Last Modified: 2020-8-29 2:57:28
Contributors of this content: jobs