Security Engineer I

Your Impact

Help us bring cloud computing to public safety by joining the Trust & Security team at Axon. Be on the cutting edge of cloud computing and IoT security and privacy in a very challenging and innovative environment. The team’s mission is to make Axon’s cloud services, client applications, and connected devices the most trusted platform in our markets. We do so by making and upholding commitments to security, privacy, and compliance.

We need a high-energy, motivated, and technically proficient professional to help meet our commitments to security and privacy. There are plenty of challenges to conquer that will enable a wide-range of security and privacy knowledge and experience.

Your Day-to-Day

• Provide technical expertise within security compliance and privacy activities across Axon’s product ecosystem
• Coordinate and participate in security assessments and remediation activities
• Develop, manage, and execute security, security compliance, and privacy tools to ensure program effectiveness and compliance with developed standards and requirements
• Partner with engineering and product teams to ensure security and privacy commitments are appropriately implemented
• Research, document, and help remediate design decisions, operating procedures, or processes that impact adhering to privacy and security commitments
• Assist others in understanding and implementing security and privacy policy objectives in ways that are cost effective and align with business objectives
• Participate in periodic compliance activities and manage any resulting remediation actions
• Interact with security and privacy program managers, product development, and legal teams
• Stay current on security industry trends, attack techniques, mitigation techniques, and security technologies by attending conferences, networking with peers, and other educational opportunities.

Basic Requirements

• Ability to work independently and comfortably in a fast-paced environment
• Demonstrated working knowledge of software engineering fundamentals
• Strong background in cloud security controls and experience implementing security and privacy requirements in cloud environments
• Ability to balance risks in ambiguous and complex situations
• Experience with SAST and DAST tools
• Have worked on implementing privacy programs to conform with GDPR or other widely-adopted data protection standards
• Familiarity with generally accepted information security practices, such as ISO 27001, Cloud Security Alliance CCM, NIST 800-53, FedRAMP
• Understanding of de-identification, psuedo-anonymization and anonymization methodologies
• U.S. Citizenship required

Preferred Requirements

• Information security and privacy related certifications
• Experience automating tests and tooling into development processes and production environments
• Experience in an ISO 27001 compliant information security program
• Experience with international data security and privacy standards

----
misc inspiration

B: Technically-focused/skilled security compliance person (tech/prod design aptitude/experience) | Look less compliance auditor and more technical testing (tool junky is OK)
AppSpider | Nexpose | Nessus | Threat Model | Privacy Engineering | DAST, SAST | Cloud Configuration Monitoring


2-4 years of relevant experience. • Experience using cloud security and compliance products. • Knowledge with security assessment tools, cloud security architecture and supporting. • Experience with SAST and DAST tools. • Experience with Docker, Kubernetes, or similar tools. • Knowledge of networking, IAM, public cloud, enterprise logging, SIEM, API Management and containerization. • Experience with Incident Response and deep analytical investigation as needed to understand a threat and address it. • Experience with scripting tools.