Senior IT Security & Systems Engineer
| Company | HackerOne |
|---|---|
| Location | Seattle, WA, USA, Washington, DC, USA, San Francisco, CA, USA, Austin, TX, USA |
| Salary | $122000 – $170000 |
| Type | Full-Time |
| Degrees | |
| Experience Level | Senior, Expert or higher |
Requirements
- 8+ years of experience in IT security, system administration, or security engineering within a corporate IT environment.
- Experience administering IT security and access controls for SaaS applications (Google Workspace, Okta, Slack, AWS, Lumos, Monday.com, etc.).
- Familiarity with security automation and scripting (Python, Bash, PowerShell, Workato) to improve IT security processes.
- Experience with MDM solutions (Kandji or similar) for securing and managing Apple devices and endpoints.
Responsibilities
- Develop, implement, and administer security controls for IT-managed infrastructure, SaaS applications, and endpoint security, ensuring best practices.
- Work closely with security and compliance teams to align IT tools, applications, and processes to ensure we maintain compliance and regulatory requirements (SOC 2, ISO 27001, NIST, etc.).
- Manage and respond to IT security incidents, including investigation, remediation, and post-mortem analysis, while continuously improving response processes.
- Automate security processes, monitoring, and enforcement through scripting (Python, Bash, PowerShell) and infrastructure as code (IaC) solutions like Terraform or Workato.
- Enhance security and compliance across IT systems, including IAM, endpoint security (MDM solutions like Kandji or JAMF), and SaaS security for applications like Google Workspace, Okta, and AWS.
- Conduct security assessments, risk analysis, and audits to identify vulnerabilities, improve security posture, and ensure compliance.
- Partner with vendors and internal teams to evaluate and integrate security tools and enterprise security solutions for corporate IT.
- Support operational security responsibilities, including security reviews, consulting, and on-call support, while improving automation, playbooks, and response processes.
Preferred Qualifications
- Hands-on experience securing IT systems, SaaS applications, and cloud environments (AWS, GCP, or Azure), including IAM and endpoint security.
- Experience developing and automating security controls using scripting (Python, Bash, PowerShell) and infrastructure as code (IaC) solutions like Terraform or Workato.
- Proficiency with security tools such as EDR, SIEM, vulnerability management, and identity providers (Okta, Active Directory, etc.).
- Understanding of incident response processes and IT security monitoring, including participation in an on-call rotation for critical security events.