Security Engineer

About The Position

Requirements

• B.A. or B.S. in Computer Science or a similar engineering program, or equivalent experience.
• 3-5 years of Cloud Information Security experience, with a focus on public cloud providers such as AWS, GCP, and Azure.
• Must stay up to date on the latest cloud security advisories, alerts, and vulnerabilities.
• Strong verbal and written communication skills for a highly collaborative environment.
• Attention to detail and focus on quality of deliverables.
• Comfortable with Python and able to read Java when necessary, with an emphasis on cloud security scripting and automation.
• Proven team experience and comfort in a team-oriented environment.
• Passion for working with cloud technology and excitement for creating high quality, secure consumer technology products.

Nice To Haves

• AWS Security, CISSP, CISA, OSCP or other information security certification is a plus.
• Experience in performing security reviews of cloud application designs, source code and deployments is beneficial.
• Familiarity with AWS services like EC2 & ECS, WAF & VPC configuration & IAM rules, and cloud security platforms such as CNAPP, CSPM, CWPP, CASB, CIEM is beneficial.
• Familiarity with Infrastructure as Code (IaC) tools like Terraform/CloudFormation is a plus.

Responsibilities

• Experience or familiarity with cloud security or engineering in public cloud providers AWS, GCP, and Azure.
• Assist in evaluating, reviewing, and deploying cloud native security tools in AWS and Azure.
• Support in monitoring, configuring rules, and enforcement using cloud security platforms such as CNAPP, CSPM, CWPP, CASB and CIEM.
• Assist in utilizing the Wiz tool for cloud security posture management, including configuration analysis, vulnerability detection, and compliance monitoring.
• Support in selecting and acquiring additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
• Assist in determining, monitoring, and maintaining our security posture, in collaboration with the Engineering team.
• Support in overseeing and managing the deployment, integration, and configuration of security solutions and any enhancements to existing security solutions and the enterprise’s security documents.
• Collaborate with development, operations, and security teams to integrate security into all phases of the software development lifecycle.
• Assist in developing and maintaining threat models for cloud environments and help train engineering teams to develop attacker/risk-driven design skills.
• Actively partner with infrastructure, application, and other stakeholders to ensure deployed solutions minimize security and privacy risks.
• Assist in recommending actions/practices to management to ensure compliance with security and regulatory requirements in decision-making processes.
• Suggest actions to mitigate risk in any activity that potentially impacts the security of existing IT and information management.
• Assist in crafting responses to client and partner security questionnaires.
• Other duties as assigned

Benefits

• Alarm.com offers competitive pay and benefits inclusive of subsidized medical plan options, an HSA with generous company contribution, a 401(k) with employer match, and paid holidays, wellness time, and vacation increasing with tenure.
• Paid maternity and bonding leave, company-paid disability and life insurance, FSAs, well-being resources and activities, and a casual dress work environment are also part of our outstanding total rewards package!