Informacje o stanowisku

technologies-expected :

• AWS
• Microsoft Azure
• Google Cloud Platform

• We are looking for people that believe in the PandaDoc culture and are ready to develop secure, reliable, and scalable product solutions within our fast-growing business.
• Are you adaptable, driven, and friendly? Do you thrive in a fast-paced work environment where collaboration is the norm? If the answer is yes, then you’re a Panda and we want you to join our team.
• PandaDoc is looking for talented Security Engineers focused on Security Operations activities to join the Security team. SecOps engineers focused on enabling Product teams in streamlining incident management and vulnerability management processes.
• As a cloud security engineer at PandaDoc, you will focus on securing our AWS infrastructure using AWS-native and third-party security tools. You will work closely with various engineering teams to identify cloud infrastructure vulnerabilities and implement new security controls to safeguard our environment.
• Our stack:
• Service-oriented architecture
• Two main stacks: Java and Python
• Message queues: NATS, Kafka, and RabbitMQ
• Amazon Web Services: EKS, RDS, ElastiCache, etc.
• Combination of AWS native and 3rd party security tools for infrastructure and application security

• Monitor and test information systems to identify vulnerabilities
• Execute or manage remediation of identified vulnerabilities
• Respond to security incidents and perform root cause analysis
• Assess and understand PandaDoc’s current security framework and future architecture, providing recommendations for risk reduction
• Design, implement, maintain, and evangelize automated security solutions
• Work closely with DevOps and SRE teams to implement new security controls
• Analyze and monitor relevant security threats and prevention measures based on industry trends and standards
• Perform cloud services hardening, including reviewing roles and permissions for services and APIs

• 2+ years of cloud security experience implementing security controls and best practices in AWS, GCP, or Microsoft Azure
• 2+ years of experience with security management tools, including IDS/IPS, WAF, SIEM, vulnerability scanning, and penetration testing
• Good understanding of Access Control and Identity Access Management principles (SAML 2.0, OAuth, JWT, etc)
• Experience with implementing DevSecOps practices in SSDLC
• Solid interpersonal, written, and verbal communication skills
• Upper-Intermediate English level (B2+)

• An honest, open culture that emphasizes feedback and promotes professional and personal development
• An opportunity to work from anywhere — our team is distributed worldwide, from Minsk to Manila, from Florida to California
• An annual personal budget for educational classes, conferences, etc. — anything to further your professional knowledge
• A competitive salary
• And much more!

• private medical care
• remote work opportunities
• extra leave
• access to LinkedIn Learning
• wellness allowance
• stock options

Warszawa - Oferty pracy w okolicznych lokalizacjach