Skip to main content

RSA - Senior Security Engineer

Primary Location: Remote - Massachusetts,
Additional Location(s): Massachusetts

Apply Now

RSA - Senior Security Engineer

[Note: US Citizenship required]

At RSA, we believe in challenging the established mindsets, approaches, and product categories in the information security industry. Every product that we deliver to market is based on a core set of principles grounded in the major paradigm shifts in play and the implications that they have for our customers.

The RSA SecurID Suite helps to accelerate business while mitigating identity risk. With multi-factor authentication, access management, identity governance and user lifecycle solutions, it helps to strengthen security, ensure compliance and facilitate business growth. More than 25,000 organizations worldwide trust RSA SecurID Access to provide a convenient, secure multi-factor authentication experience for their users. And now RSA SecurID Access has won best multi-factor authentication solution from SC Media three years in a row.

We are transforming the way we do security by building a strong foundation to enable security as code - integrating it into our product and corporate infrastructure builds. This role is for a candidate who is excited to eliminate toil and work with leadership sponsors to build out a framework for long-term security success across a complex hybrid cloud environment. Candidates will support not only our corporate application infrastructure, but will have a chance to partner to provide security solutions to the RSA Conference and SecurID SaaS products running on public cloud infrastructures. Help us provide creative, effective, and automated capabilities leveraging cloud native and best of breed 3rd party security solutions to FedRAMP and commercial environments.

We are looking for an energetic and self-motivated individual with demonstrated knowledge of delivering technical security solutions in highly regulated environments. Candidate must have strong experience and understanding of cyber security concepts, public cloud. Job role involves interfacing with Engineering Cloud / SaaS Operations, Data Privacy, IT and Governance, Risk and Compliance (GRC) teams to deliver upon business outcomes.

PRINCIPAL DUTIES AND RESPONSIBILITIES      

  • Hands-on keyboard cloud security ninja to deliver impactful security solutions to the business
  • Engineer, deploy, maintain, and operationalize third-party security tools & services such as firewalls, endpoint protection, vulnerability management, identity & access management and SIEM solutions
  • Develop and maintain security controls and practices to meet FedRAMP / SOC2 compliance program needs
  • Lead the transformation charge to enable the security team to eliminate toil and automate security capabilities in a secure and repeatable manner by writing scripts / code (PowerShell, Python, etc.) to solve operational problems
  • Architect security-as-code blueprints to create standard patterns with built-in security by partnering with engineering and IT
  • Build and implement a cloud security & automation framework to support mixed Azure, AWS and on-premise infrastructure for customer SaaS and corporate infrastructure
  • Consult with SaaS operations and Engineering to deliver operational security capabilities using combination of cloud-native, FOSS and third-party technologies
  • Develop a technical security strategy and implement a vision of clear feedback signals from well-monitored security controls represented by key operational metrics
  • Provide cybersecurity technical leadership, drive cloud security and automation processes and practices
  • Develop roadmap for continuous process improvement and security maturity
  • Support 24x7 Incident Response activities by providing on-call technical security support for investigations, containment, and recovery

  KNOWLEDGE & SKILLS   

  • Experience maintaining security infrastructure & controls within heavily regulated environments with compliance frameworks such as FedRAMP, NIST 800-53, ISO, SOC2
  • Demonstrated best practice usage of multiple security technologies in public cloud environments: Vulnerability management / Continuous Monitoring, SIEM / logging, WAF, network segmentation, system and cloud hardening, incident response, XDR, malware prevention
  • Demonstratable experience developing infrastructure security as code and experience with high-level languages and Version Control platforms (e.g. Python, Golang, GitLab, etc.)
  • Experience with one or more configuration and orchestration technologies a plus (e.g. Terraform, CloudFormation, Ansible, Chef, Puppet)
  • Previous experience providing security solutions in a customer SaaS environment preferred
  • Strong understanding of multi-tier application architecture on cloud stacks and associated technologies (Networking, OS, Web, App, DB) across AWS, Azure and/or GCP
  • Experience utilizing and securing serverless constructs and containers
  • Ability to influence operations, IT and development teams to shift security left and provide processes and methods to allow security self-service
  • Experience defining and implementing security controls, and developing monitoring and alerting around these controls
  • Problem solving skills and ability to work under pressure in rapid paced, customer facing 24/7 production environments
  • Self-starter with strong work ethic willing to identify issues and lead them to conclusion
  • Ability to see the big picture and present ideas clearly with demonstrated thought leadership
  • Demonstrated skill securing sensitive data in business-critical environments
  • Advanced understanding of host operating systems including Linux-focused experience
  • Certifications such as Microsoft Certified: Azure Security Engineer Associate, AWS Certified Security – Specialty, SANS GIAC preferred
  • BS in CS, IT, or related field or 8+ equivalent industry work experience

RSA is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at RSA are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. RSA will not tolerate discrimination or harassment based on any of these characteristics. RSA encourages applicants of all ages.

Job ID: R120440
Apply Now
 

Join Our Talent Network

Sign up to stay up-to-date on our latest career opportunities, events and company news.

Interested InSelect a job category from the list of options. Search for a location and select one from the list of suggestions. Finally, click “Add” to create your job alert.

  • Remote, Massachusetts, United StatesRemove
  • Engineering, Massachusetts, United StatesRemove