Security Engineer

US, Remote

Our position within the Samsung organization provides us with the opportunity to secure infrastructure and software at a scale rarely seen in the industry. At the same time, we are a small company and offer a personal and close-knit work environment. Joyent employees are thus uniquely positioned to meaningfully contribute to technology deployed on a global scale and play an important role in Samsung's continued innovation in the cloud industry. 

We are looking for a Mid/SR level Security Engineer who will be responsible for providing security architecture design and implementation, coordinating information security efforts within the company, and identifying security initiatives and standards for safeguarding information assets held by Joyent. This will involve interacting with and working closely with business managers, the executive management team, and peers.

The Security Engineer is involved with establishing, implementing, and maintaining enterprise and cloud information security tools, which includes procedures and policies designed to adequately protect our systems, and assets from both internal and external threats. A key element of this role is working with other technical teams within Joyent to mitigate excessive levels of risk for the organization. They must ensure that information systems are maintained in a fully functional, secure state.

Job Responsibilities

• Design, develop and document industry best practices to support company initiatives while meeting performance and availability requirements.

• Collaborate with Product, Operations and Engineering organizations to understand requirements, implementation impacts, and develop security specifications around project initiatives.

• Work with business colleagues to review RFPs, RFIs etc., and provide security and risk-related input into proposals.

• Provide guidance on prioritization and remediation of security issues.

• Research new security technologies and adopt suitable best practices to solve industry obstacles and security threats.

• Provide technical leadership within the area of expertise and mentor security staff.

• Some travel may be required.

Skills & Competencies

• Proven ability developing security plans that integrate directly with product and system development lifecycles.

• Strong Scripting skills required including Shell and interpreted languages.

• Comprehensive knowledge of TCP/IP networking and client-server architecture and protocols.

• Familiarity with network analysis tools such as WireShark, Zeek, Corelight, and other traffic summarization utilities.

Education and Experience

• A Bachelor’s degree in information technology, or equivalent experience is required.

  • Advanced degree in a technology related field is a plus.

• Minimum 5 years of experience in an information security role.

• Experience in deploying and maintaining internal security systems such as IDS/IPS, WAF, FIM, DDOS and Vulnerability Scanners.

• Experience in administering enterprise-level Linux servers and applications.

• Experience with application / scripting tools (bash, Python).

• Experience with leading incident response.

• Experience with security automation.

• Experience Threat hunting in EDR telemetry data.

• Experience with security in DevOps environments (secrets management, CI/CD pipeline integration, secure IaC, container security, etc.)

• Experience in threat detection, monitoring, hunting, and forensics.

• Experience with information sharing groups.

• Experience with regulatory compliance frameworks and standards such as ISO, PCI and GDPR.

• Experience with configuring and securing AWS cloud.

• Experience with configuring Log Management/SIEM/SOAR tools.

• Experience with configuring and deploying EDR, Antivirus, and security tools.

• 1+ years of experience with containers / Kubernetes (hands-on deployment / research).  Extensive Kubernetes experience is a plus.

• Experience working for a MSSP is a Plus.

• Technical security related certifications are a plus:

• Industry Certifications like GIAC, CISSP or CCIE

Joyent is committed to employing a diverse workforce and providing Equal Employment Opportunities for all individuals regardless of race, color, religion, gender, age, national origin, marital status, sexual orientation, gender identity, status as a protected veteran, genetic information, status as a qualified individual with a disability, or any other characteristic protected by law.

Compensation and Benefits

Compensation for this position will vary among specific regions due to geographical differentials in the labor market, and actual pay will be determined considering factors such as relevant skills, experience, and comparison to other employees in the role.  Therefore, the annual base compensation range for this role (depending on the geographical location) is expected to be between $110000 and $180000.  

Regular full-time employees (salaried or hourly) have access to benefits including Medical, Dental, Vision, Life Insurance, 401(k), Employee Purchase Program, Vacation and Sick leave, electronic reimbursement and many more.  In addition, regular full-time employees (salaried or hourly) are eligible for bonus compensation based on individual, department, and company performance.

About Joyent

Joyent, a wholly-owned subsidiary of Samsung, is the open cloud company. Joyent builds technology, at the pinnacle of scale, performance, stability, and security to accelerate the transformation toward the mobile and cloud-centric world. Joyent designs, builds and manages market competitive cloud computing solutions and services for Samsung Electronics and its partners at global scale.

How To Apply

To apply, please submit a brief introduction, a copy of your resume, and a link to your Github or LinkedIn profile to jobs@joyent.com with Security Engineer in the subject. We are an equal-opportunity employer, building a diverse and inclusive team. Qualified applicants with criminal histories will be considered for the position in a manner consistent with the Fair Chance Ordinance.

Joyent is committed to employing a diverse workforce and providing Equal Employment Opportunities for all individuals regardless of race, color, religion, gender, age, national origin, marital status, sexual orientation, gender identity, status as a protected veteran, genetic information, status as a qualified individual with a disability, or any other characteristic protected by law.

Disclaimer: This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Duties, responsibilities and activities may change or new ones may be assigned at any time with or without notice.

View All Open Positions at Joyent