Staff Security Engineer (DevOps)

**Candidate Note: This position is 100% remote for candidates based in the US**

We’re seeking a highly skilled and experienced Staff Security Engineer to join our dynamic Security Operations team. As a key member of our security engineering function, you will play a critical role in ensuring the security and reliability of our infrastructure and applications. You will work closely with cross-functional teams to integrate security best practices into our DevOps processes, fostering a culture of security awareness and continuous improvement.

The EDB Security Operations team provides frontline security protection for EDB, our employees, and our customers. In addition to threat detection and incident response, we engineer security solutions to improve security outcomes across the business.

Your impact will be: 

In this role, you will design and implement elegant security solutions that seamlessly integrate with our DevOps practices. You will serve as a technical leader, collaborating with peers across development, operations, and product teams to incorporate security at every stage of their workloads. Some of your key areas of focus will be: 

• Infrastructure Security: Design, implement, and maintain secure infrastructure solutions spanning multiple Cloud providers and on-prem datacenters
• Automation and CI/CD: Develop and enhance automation frameworks and CI/CD pipelines with a focus on security, ensuring secure deployment practices across all stages of the development lifecycle
• Threat Modeling: Conduct threat modeling and security assessments to identify potential vulnerabilities and threats in our infrastructure and applications
• Monitoring and Incident Response: Implement and manage security monitoring tools, and lead incident response efforts to swiftly address security events and vulnerabilities
• Collaboration: Work closely with development, operations, and product teams to integrate security controls and practices into the DevOps workflow
• Compliance and Standards: Ensure compliance with relevant security standards and regulations (e.g., ISO 27001, SOC 2, GDPR) and contribute to internal security policies and standards
• Mentorship and Leadership: Provide technical leadership and mentorship to junior security engineers, fostering a culture of security excellence and continuous learning
• Innovation: Stay current with emerging security technologies and trends, and proactively propose innovative solutions to enhance our security posture

What you will bring:

• Experience: Minimum of 8 years of experience in security engineering, with a strong focus on DevOps practices and infrastructure security.
• Technical Expertise: Proficient in cloud platforms (AWS, GCP, Azure), containerization (Docker, Kubernetes), and infrastructure-as-code (Terraform, CloudFormation).
• Security Tools: Hands-on experience with security tools such as SIEM, IDS/IPS, vulnerability scanners, and DAST/SAST tools.
• Programming Skills: Strong scripting and programming skills (Python, Go, Bash) for automating security processes.
• Problem-Solving: Excellent analytical and problem-solving skills, with a proactive approach to identifying and mitigating security risks.

What will give you an edge:

• Leadership Experience: Proven experience leading security initiatives and projects within a large-scale, fast-paced environment.
• Deep Knowledge: In-depth understanding of network security, container security, and secure software development practices.
• Communication Skills: Exceptional communication and collaboration skills, with the ability to articulate complex security concepts to technical and non-technical stakeholders.
• Continuous Improvement: Demonstrated ability to drive continuous improvement in security processes and DevOps practices.

Compensation Range (DOE/Location): $175-225k max base + annual bonus