Senior Security Engineer at Outreach
Your Daily Adventures will Include:
- Partnering with engineering teams to design, select, and implement effective technical security controls to detect and alert security events across the Outreach infrastructure and protect our cloud-native SaaS platform and customers.
- Identifying gaps in coverage of the Outreach security controls and work across teams to specify and deploy improvements that address these gaps.
- Selecting and/or creating specific applications and functions that integrate with the Outreach platform and build systems that provide the right detective controls that alert on suspicious or anomalous behaviors or vulnerabilities.
- Participating in and helping lead information security response activities across Outreach and its products.
- Developing and implementing solutions to collect, transport, and process security data to support risk-based decision making.
- Integrating security monitoring and measurements that enable engineering teams to quickly spot potential problems and respond to security events within their DevOps processes.
- Interpreting the results of penetration tests and other technical audits and working across software engineering teams to champion and implement reasonable mitigations and remediations.
- Using DevOps tooling and processes to implement security remediations.
- Creating data flow diagrams and threat models that guide design recommendations.
- Translating security requirements and obligations into effective security controls.
- Providing security subject matter expertise and training to teams across the company.
- Ensuring cross-company support for all aspects of security by establishing partnerships with other Outreach teams with the overarching goal of improving the trust of Outreach and its products.
- 4+ years of experience in an information security engineering role.
- Direct experience working with SaaS cloud-based applications in AWS or Azure.
- Experience automating AWS services to support information security goals and mission.
- Experience in creating, implementing, and managing technical information security controls.
- Experience defining and implementing security controls for containers, microservices, and orchestration software.
- Experience identifying and collecting the data that supports effective security dashboards that summarize the environment's security health across multiple security domains (e.g., networking, host, application, identity, etc.).
- Have a history of successful cross-organizational efforts.
- Ability to analyze problems and make appropriate decisions quickly.
- Ability to drive large, complex programs and solutions using both direct and virtual teams.
- Experience managing multiple external vendors across broad and complex work engagements.
- Excellent interpersonal and management skills.
- Strong written and verbal communication skills.
- Ability to work flexibly and independently to achieve results within the dynamic Outreach culture.
- Ability to maintain extreme confidentiality.