Remote infosec Jobs

Last Week

Senior Field Operations Engineer
senior docker infosec Aug 04
Our mission at Dragos is to protect the world’s most critical infrastructure from adversaries who wish to do it harm. We help defend industrial organizations that provide us with the necessities of modern civilization: running water, functioning electricity, and safe industrial working environments.
 
The Field Operations Team is responsible for the planning, scoping, and implementation of the Dragos Platform in customer environments. Be part of a team that’s hands-on and onsite at power plants, substations, manufacturing floors, and refineries (just to name a few), while performing installations and assisting our customer partners in monitoring and safeguarding their infrastructure.
 

Responsibilities

  • Provide troubleshooting and break/fix support for the Platform and all deployed sensors
  • Assist with the tuning to ensure sensors are not overloaded and appropriate traffic is being analyzed. 
  • Coordinate upgrades, patches and other configuration changes to the Platform and all deployed sensors.
  • Communicate roadmap of features and content for future platform users
  • Continually solicit client feedback on feature request, improvements or potential issues.
  • Collaborate with client’s teams on network architecture, sensor placement and planning activities for the deployment of new sensors.
  • Manage issue escalation to the engineering group as required and conduct new release feature walkthroughs as needed.
  • Creating technical documentation and content
  • Assist Dragos Intel and Threat Operations Center on investigations and projects

Requirements

  • 5 years’ experience in industry (i.e. controls engineer) or InfoSec (ICS cyber security experience ideal)
  • Networking experience – must have good understanding of IP networks, OSI model, Purdue model, ICS protocols
  • Software familiarity –Linux (command line), CENTOS, Docker, scripting languages (python, shell, etc)
  • Must have excellent communication skills
  • Good customer-facing demeanor
  • Eagerness to do geek stuff while wearing hardhats and FR
  • Travel – 25%
  • US Citizen or US Permanent Resident (Must be able to pass background checks and drug test)
Dragos seeks passionate, hard-working, fun-loving, small-ego, big-brained people. Our tagline is “Safeguarding Civilization” not because we think highly of ourselves, but because the problems we are solving are critically important, today and in the years to come. We look for ICS experts across industries who are committed to growing global expertise in the space by training the next wave of future innovators and thought leaders.  

We offer competitive salaries, equity, and a comprehensive benefits package including medical, dental, vision, disability, 401K and life insurance.
 
Dragos is proud to be an equal opportunity workplace dedicated to pursuing and hiring a diverse workforce. Come join us!
Share this job:

This Month

IT Security Manager
manager machine learning aws infosec healthcare Jul 23
Company Description
At Hyperscience we develop and deliver intelligent solutions to automate manual document processing for global financial services, insurance, healthcare, and government organizations. Founded in 2014, our solution extracts handwritten, cursive and printed typed text at better-than-human levels of accuracy and automation that get better over time. By streamlining operations and reducing the costs associated with data entry, we enable some of the world’s largest companies to improve customer service and drive new business opportunities.
With more than $110 million raised to date, we’re growing quickly and looking for individuals to join our team and make a difference in our organization and for our customers.

Job Description
We’re looking for an IT Security Manager, who will be responsible for implementing security controls in our IT environment.  The right person is a problem solver who enjoys solving tricky technical challenges, and has experience working in a fast-paced environment that deals with various security compliance requirements.  The individual will report to the Head of Security, and will work alongside the IT team in supporting our growing company across US and European locations.

Responsibilities

  • Establish secure processes around asset inventory, endpoint management, access management, change management, vendor management, office networks, and incident response.
  • Document IT policies and processes for both internal use and compliance evidence.
  • Manage purchasing and deployment logistics for all employee hardware.
  • Configure hardened settings for all IT-managed hardware and software.
  • Resolve support requests related to onsite network, laptops, and teleconferencing.
  • Identify areas for improvement and recommend IT investment opportunities to automate repetitive tasks.

Qualifications

  • 6+ years' experience in information technology and/or infosec
  • Strong hands-on experience in implementing and operating security solutions, aligned to industry standards such as ISO 27001.
  • Familiarity with Identity Access Management (IAM) architecture, and solutions leveraging LDAP, RADIUS, SAML, and/or OIDC.
  • Familiarity with networking concepts, including VPN, routing, and switching.
  • Familiarity with endpoint management solutions, focused on remote workforce using MacOS and virtual desktop environments.
  • Ability to set up and troubleshoot onsite network, laptop, and  teleconferencing issues.
  • Experience setting up SIEM solutions, and responding to IT security issues/incidents, including phishing attacks, malware detections, and data loss scenarios.
  • Familiarity with using AWS to operate self-hosted IT solutions.
  • Ability to script, and use APIs and webhooks to create automation.
  • Ability to train and assist co-workers on all aspects of the program build and evolution
  • Education Bachelor's degree in information technology, computer science, or related area
  • Industry recognized certification in security preferred, but not required (e.g., CISSP, CISA, CISM, CEH, SANS, etc.)

Benefits & Perks

  • You’ll work with some of the best machine learning, software and QA engineers in one of the most innovative tech companies in Sofia
  • Budget to attend conferences, train, and further your education
  • 30 days of paid leave annually to help nurture work-life symbiosis
  • A great office, with excellent location
  • Massages at the office by a professional massage therapist
  • Auto assistant for your car
  • Catered lunches, afternoon breakfasts, and a great variety of snacks and drinks
  • A sports card, covering various options for sport
  • Additional health insurance package, including extensive medical, dental & vision care
  • Truly competitive salary
  • Stock options
  • Referral bonus
All job applications will be treated and processed with strict confidentiality and in full compliance with the GDPR provisions. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Share this job:
Information Security Compliance Analyst
linux infosec Jul 22
Dubbed an "open-source unicorn" by Forbes, Confluent is the fastest-growing enterprise subscription company our investors have ever seen. And how are we growing so fast? By pioneering a new technology category with an event streaming platform, which enables companies to leverage their data as a continually updating stream of events, not as static snapshots. This innovation has led Coatue Management, Altimeter Capital and Franklin Templeton to join earlier investors Sequoia Capital, Benchmark, and Index Ventures in the recent Series E financing of a combined $250 million at a $4.5B valuation. Our product has been adopted by Fortune 100 customers across all industries, and we’re being led by the best in the space—our founders were the original creators of Apache Kafka®. We’re looking for talented and amazing team players who want to accelerate our growth, while doing some of the best work of their careers. Join us as we build the next transformative technology platform!

The InfoSec Compliance Analyst will be responsible for evaluating and supporting information security initiatives covering compliance, policy, risk management, and awareness.  With guidance from the team leadership, this individual will oversee compliance initiatives across multiple information security standards including FedRAMP, SOC, ISO, HIPAA, PCI, and others as appropriate.  The individual in this role must have excellent communication and organizational skills to manage processes and liaise with various groups within the business.

Responsibilities

  • Execute and monitor controls related to Confluent’s Information Security Compliance program
  • Conduct internal reviews of security controls
  • Manage and coordinate external audits and assessments
  • Contribute to information security training and awareness programs
  • Interface with and lead efforts related to internal and external audits including regulatory, compliance, and 3rd party security reviews
  • Facilitate the operational tasks related to the production of Information Security reports
  • Contribute to Confluent’s vendor assessment and 3rd party risk management processes
  • Perform research and analysis and keep current with information security, governance, and compliance knowledge and emerging technologies

Required Skills and Experience

  • Bachelor’s degree required plus a minimum of 2 years experience in Information Security and Compliance
  • Strong IT acumen and experience applying new technology to monitor and improve business processes
  • Experience with a combination of the following: SOC, ISO 27001, HIPAA, PCI, FedRAMP, CSA, CIS, NIST

Additional Qualifications

  • CISSP, CISA, or equivalent certification completed or currently in progress
  • Excellent verbal communication, organizational and planning skills.
  • Knowledge and understanding of SOC, ISO 27000, HIPAA, PCI, FedRAMP and other regulatory standards
  • Understanding of OS concepts and security concerns in Linux, MacOS, and Windows systems
  • Able to understand general business concepts and apply them when communicating with diverse groups of people
  • Interpersonal skills to work as a team member and as a liaison
#LI-MT1

Come As You Are

At Confluent, equality is a core tenet of our culture. We are committed to building an inclusive global team that represents a variety of backgrounds, perspectives, beliefs, and experiences. The more diverse we are, the richer our community and the broader our impact.

Click here to review our California Candidate Privacy Notice, which describes how and when Confluent, Inc., and its group companies, collects, uses, and shares certain personal information of California job applicants and prospective employees.
Share this job:

This Year

Product Manager, InfoSec
 
infosec manager Apr 29
Atlassian is continuing to hire for all open roles with all interviewing and on-boarding done virtually due to COVID-19. Everyone new to the team, along with our current staff, will temporarily work from home until it is safe to return to our offices.

Atlassian helps teams everywhere change the world through the power of software, and we are looking for a well-rounded Product Manager for Atlassian's Security Development team. This team is responsible for building and operating mature software systems to improve the entire company's security posture.

You'll be responsible for requests from other teams and establishing your own roadmap of improvements by analyzing internal data and using customer insights. You are an efficient decision maker who prioritizes based on business value. You bring together requirements from stakeholders, benchmark with other companies on best practices, and understand industry trends. You will drive improvements that affect key company metrics.

If you are a strong product manager interested in developing your info security expertise, this role is a rare opportunity to do just that!

In this role, you'll get to...

• Plan, drive, and execute against the product roadmap for top Security projects
• Collaborate with stakeholders to derive the daily execution, managing risk, communication, and expectations
• Craft epics, user stories, and own the backlog

On your first day, we'll expect you have:

• 3+ years of Product Management experience
• Proven track record delivering quality projects timely and in-scope
• Ability to balance, manage, and prioritize backlogs
• Great relationships with cross-functional partners. From engineering to design, people love to work with you!
• Excellent interpersonal skills with the ability to rally a team around the work they are doing
• Results-oriented, self-starter with a desire to learn and continuously improve

Preferred Qualifications

• Prior software development experience
• Experience with scalable, high-performance systems
• Familiarity with security systems would be a huge bonus
More about our benefits

Whether you work in an office or a distributed team, Atlassian is highly collaborative and yes, fun! To support you at work (and play) we offer some fantastic perks: ample time off to relax and recharge, flexible working options, five paid volunteer days a year for your favourite cause, an annual allowance to support your learning & growth, unique ShipIt days, a company paid trip after five years and lots more.

More about Atlassian

Creating software that empowers everyone from small startups to the who’s who of tech is why we’re here. We build tools like Jira, Confluence, Bitbucket, and Trello to help teams across the world become more nimble, creative, and aligned—collaboration is the heart of every product we dream of at Atlassian. From Amsterdam and Austin, to Sydney and San Francisco, we’re looking for people who want to write the future and who believe that we can accomplish so much more together than apart. At Atlassian, we’re committed to an environment where everyone has the autonomy and freedom to thrive, as well as the support of like-minded colleagues who are motivated by a common goal to: Unleash the potential of every team.

Additional Information

We believe that the unique contributions of all Atlassians is the driver of our success. To make sure that our products and culture continue to incorporate everyone's perspectives and experience we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status.

All your information will be kept confidential according to EEO guidelines.
Share this job:
Senior DevOps Engineer
devops senior linux cloud azure infosec Feb 28
Respondent is a two-sided marketplace that connects market and user researchers with the highest quality research participants in the world. Our platform gives researchers a single place to quickly find the right participants for their projects, as well as schedule and pay them instantly. It simplifies the work that’s necessary to conducting quality research. Companies like IBM, Airbnb, Uber, Microsoft and many more trust and integrate us into their research processes.

We are a small, quickly growing, fully remote tech startup. Working as a distributed team allows us to hire the best talent regardless of location (right now, everyone works in a continental US Time Zone). All of our employees have areas of expertise as well as a wide breadth of knowledge in their domains. This blog post shares more insight into how we work successfully as a distributed team.


What you'll do

  • Developing platform-agnostic solutions that can be run anywhere in any environment as needed.
  • Manage infrastructure and collaborate with the development team and InfoSec users to diagnose issues and ensure compliance.
  • Automating existing processes and developing new ones including CI/CD, infrastructure patching, and deployments.
  • Researching, analyzing, developing and implementing solutions to help solve issues and improve efficiency.
  • Creating tools and processes to help teams be proactive in solving issues and problems before they occur.
  • Optimizing solutions for performance and reliability in a cost-effective manner.
  • Documenting tools, procedures, and operations for reusability and auditing.
  • Participate in after-hours deployments, on-call rotations, and monitoring within a team.

Who you are

  • Software Development experience (nodejs, typescript, angular, vue), using Agile/Scrum methodologies, and managing code with a source control system (we use GitHub).
  • Familiar with regulated environment standards (HIPAA, PCI DSS, FedRAMP).
  • Implementing and maintaining CI/CD build processes (AWS Codebuild/CodePipeline, Jenkins, Circle CI) for multiple projects and codebases.
  • Extensive use of Infrastructure and configuration management tools (Packer, Terraform, Ansible, Chef, Puppet, Salt) and creating reusable scripts (Bash).
  • Implementing and using application monitoring/logging tools (ElasticSearch/ELK, New Relic, Datadog, Grafana) for easy visibility into systems.
  • Experience running large scale production systems on Linux servers (Ubuntu, Debian, Redhat, CentOS) using public and/or private cloud infrastructure (AWS, Azure, Google, VMWare, OpenStack).
  • Comfortable designing, implementing and using secure networks (subnets, VLANs, Firewalls, Routing, VPNs) and able to troubleshoot networking issues small and large.
  • Strong knowledge of the technology concepts used in our distributed architectures: message queueing, containerization, microservices, web applications, APIs, business intelligence solutions, data analytics, integrations, data security and encryption, load balancing, redundancy, high-availability, data sharding, databases (relational and NoSQL), and key-value stores.
  • Demonstrated experience working on or closely with remote engineering teams, comfortable using video conferencing tools (Zoom) to stay in touch and collaborate with team members.

  • Experience Requirements
  • 8+ years of DevOps/Software Development experience. We are looking for someone who matches our level of joy for the work we do, brings something new to the team, and elevates our game. Our core values are very important to us and we hope they resonate with you, too. You can read more about them here!
We are looking for someone who matches our level of joy for the work we do, brings something new to the team, and elevates our game. Our core values are very important to us and we hope they resonate with you, too. You can read more about them here!

Benefits
Working at Respondent is a unique experience. You will be part of a remote, diverse team. We care deeply about creating a cohesive, tight-knit culture that gets results. That’s why we offer our employees the following:

- Work remotely from anywhere in a continental US Time Zone (we are not able to accommodate continuous travel e.g. digital nomadism, remote year, etc.)
- A full office set up, including a MacBook Pro, desk, second screen, ergonomic chair, and wireless mouse & keyboard
- Health insurance for US-based employees covered at 99% for individuals and 50% for dependents (non-US employees receive a healthcare stipend)
- Short Term Disability covered at 100% for all US-based employees
- Parental Leave: 12 weeks fully paid leave with an additional optional 4 weeks unpaid
- Dental and Vision insurance offered at group rates to lower the cost for US-based employees
- Four weeks of flexible vacation (need a bit more for religious or country holidays--no problem!)
- 12 Paid holidays
- Stock options
- 401k (not matching) for US-based employees
- Company retreats for teammates to get to know one another in-person: our last two were in New Orleans and San Antonio!

Respondent is an equal opportunity employer
We understand it takes a diverse team of highly intelligent, passionate, curious, and creative people to solve the challenges involved in Respondent's long term success. Our dynamic team members have incredible perspectives to share, just as we know you do, and we take great pride in being an equal opportunity workplace and encourage candidates from under represented backgrounds to apply.
Share this job:
Infrastructure Security Engineer
Loom  
python ruby linux cloud aws infosec Feb 20
About Loom
Loom is a more effective way to communicate in the workplace that's already trusted by more than 1.8M users across more than 50k companies. Our customers are global and use Loom at work at world-class companies, including HubSpot, Square, Uber, GrubHub, and LinkedIn.

Founded in 2016, Loom has raised $45 million from top-tier investors including Kleiner Perkins, Sequoia, and the founders of Instagram, Figma and Front.

The role
As our first infrastructure security engineer, you will secure Loom's next-generation video service for millions of users. You should be able to hack us, and show your work — and then make us better.

Core responsibilities:

  • Build Enterprise-grade cloud infrastructure and policies
  • Build security product features — innovate on key management with KMS, rationalize data layer logical isolation, make SSO cool in 2020, and a lot more
  • Stay up to date with Linux zero-days
  • Establish and enforce application security best practices
  • Conduct internal penetration tests
  • Analyze our infrastructure and our applications for potential vulnerabilities
  • Coordinate incident response and assess inbound vulnerability reports

Requirements:

  • At least 5 years experience working on security infrastructure projects
  • Expert knowledge of iptables and AWS security
  • Strong skills with common infosec tooling, e.g. nmap and snort
  • Solid communication skills to enable knowledge sharing and encourage good internal security practices
  • Solid skills in at least one scripting language, e.g, Python, Ruby, JavaScript
 Perks at Loom
* Competitive compensation and equity package
* 99% company paid medical, dental, and vision coverage for employees and dependents (for US employees)
* Flex spending plan and Dependent care flex spending plan
* Healthcare reimbursement (for International employees) 
* Life insurance coverage
* Long-term disability insurance
* 401(k) with 5% company matching
* Professional development reimbursement
* Mental health and wellness reimbursement
* Gym reimbursement
* Unlimited PTO 
* Paid parental leave
* Remote work opportunities 
* Yearly off-site retreats (this year was in Barbados)
 
SF office perks
* Daily lunch on-site
* Unlimited snacks & drinks
* Remote week every other month

Remote-specific perks
* Home office & technology reimbursement
* Co-working space reimbursement 
* New-Hire on-boarding in San Francisco (optional)

Loom is an equal opportunity employer.
We are actively seeking to create a diverse work environment because teams are stronger with different perspectives and experiences.

We value a diverse workplace and encourage women, people of color, LGBTQIA individuals, people with disabilities, members of ethnic minorities, foreign-born residents, older members of society, and others from minority groups and diverse backgrounds to apply. We do not discriminate on the basis of race, gender, religion, color, national origin, sexual orientation, age, marital status, veteran status, or disability status. All employees and contractors of Loom are responsible for maintaining a work culture free from discrimination and harassment by treating others with kindness and respect.
Share this job:
Software Deconstruction Engineer aka. Infosec Consultant
python android infosec design Oct 28 2019

Update August 2019: The dog days of summer are here so why not stay indoors and hack? If you are interested in what you read below, please apply and we'll get you started on the process. Got questions? You'll get a short intro call very early in the process. This is the best place to raise any questions you might have. We have a special interest for candidates in the NYC region but if you can hack lets talk. Thanks ...the Carve team.

This job is only listed on Stack Overflow: https://stackoverflow.com/jobs/134473/software-deconstruction-engineer-aka-infosec-carve-systems

What's the job?

  • Information security consulting: assessing the security of software and hardware systems.
  • Understanding how systems are built and learning how to break them.
  • Working with our experienced team on short-to-medium term engagements.

What would you do?

Every two to three weeks you'll get a new project to work on. A typical project will involve:

  • Recon: Digging into the functionality, design, and implementation of the software system or device.
  • Probing: Searching for implementation weaknesses which could indicate a security issue. This is a combination of tools that we use, tools that we build, and manual probing. For device projects this can include firmware extraction, analysis, and hardware interfacing.
  • Extending: Now that you've found a weakness... how far can you extend your access into the system?
  • Writing: Now that you've hacked your way in you'll need to write-up your findings and work with the developers to make sure they understand what the problem is and how to fix it.

If you enjoy puzzles and technical variety you'll find this job very enjoyable.

Who are we looking for?

  • You do not need to have information security experience. If you've got the right technical background and problem solving skills we can train you in the dark arts of infosec.
  • People who enjoy writing code, solving problems with code, and learning how computers work at a fundamental level.
  • This is not a "travel every week" type of consultant. We do sometimes work at a client site but most of the time we do our projects remotely.

We’re hiring for all experience levels: from zero career experience to information security veterans.

Skills & Requirements

  • Deep experience in software and computers. You may have earned this experience with a degree, career as a software developer, or perhaps you've invested in a technical hobby that took you deep into the rabbit hole.
  • Technical writing skills (English)
  • Resident of the USA and able to be employed in the USA.

We encourage remote candidates to reply *if* they are residents of the USA.

Share this job:
Software Deconstruction Engineer aka. Infosec Consultant
ios android infosec design Oct 17 2019

Update August 2019: The dog days of summer are here so why not stay indoors and hack? If you are interested in what you read below, please apply and we'll get you started on the process. Got questions? You'll get a short intro call very early in the process. This is the best place to raise any questions you might have. We have a special interest for candidates in the NYC region but if you can hack lets talk. Thanks ...the Carve team.

This job is only listed on Stack Overflow: https://stackoverflow.com/jobs/268907/software-deconstruction-engineer-aka-infosec-carve-systems

What's the job?

  • Information security consulting: assessing the security of software and hardware systems.
  • Understanding how systems are built and learning how to break them.
  • Working with our experienced team on short-to-medium term engagements.

What would you do?

Every two to three weeks you'll get a new project to work on. A typical project will involve:

  • Recon: Digging into the functionality, design, and implementation of the software system or device.
  • Probing: Searching for implementation weaknesses which could indicate a security issue. This is a combination of tools that we use, tools that we build, and manual probing. For device projects this can include firmware extraction, analysis, and hardware interfacing.
  • Extending: Now that you've found a weakness... how far can you extend your access into the system?
  • Writing: Now that you've hacked your way in you'll need to write-up your findings and work with the developers to make sure they understand what the problem is and how to fix it.

If you enjoy puzzles and technical variety you'll find this job very enjoyable.

Who are we looking for?

  • You do not need to have information security experience. If you've got the right technical background and problem solving skills we can train you in the dark arts of infosec.
  • People who enjoy writing code, solving problems with code, and learning how computers work at a fundamental level.
  • This is not a "travel every week" type of consultant. We do sometimes work at a client site but most of the time we do our projects remotely.

We’re hiring for all experience levels: from zero career experience to information security veterans.

Skills & Requirements

  • Deep experience in software and computers. You may have earned this experience with a degree, career as a software developer, or perhaps you've invested in a technical hobby that took you deep into the rabbit hole.
  • Technical writing skills (English)
  • Resident of the USA and able to be employed in the USA.

We encourage remote candidates to reply *if* they are residents of the USA.

Share this job: