What are the responsibilities and job description for the Senior Security Engineer position at Qualio?
About Us
Qualio is on a mission to empower life science teams to launch and scale life-saving products. We’re doing that by building a connected and integrated quality management platform for the entire life science ecosystem. Qualio is trusted by 100s of highly regulated international customers, ranging from the bleeding edge of computational biology and machine learning to household names in mRNA vaccine development. We're growing rapidly, and in 2021 we saw 260% year-on-year revenue growth.
The Qualio team is an all-remote, globally distributed workforce with teammates in over ten countries.
What is the opportunity?
We are hiring a Security Engineer to join our distributed SRE team. The Security Engineer will be responsible for the security of all Qualio infrastructure, including EC2 instances, lambdas, web ingress, VPC networks, Aurora/RDS, noSQL document stores and S3, certificate management as well as the tooling and 3rd party applications used to access and manage these systems.
What will I be doing?
- Evaluate existing solutions and recommend and perform improvements and enhancements to their security, reliability and performance in the AWS cloud.
- Ensure that our various compliance controls are met from a security perspective, including vulnerability scanning, penetration testing, documentation of evidence, IAM access and role management.
- Periodic reviews of alignment of our infrastructure and identifying and remediating any outstanding security issues, as well as applying best practices to reduce overall attack surface area.
- Leading incident response efforts for security incidents
- Threat management using IDS/IPS, WAF and CDN
As a part of the Site Reliability Engineering team, Security Engineers must balance between compliance-based controls and real-world implementations of cloud applications in AWS. They strive to improve data layer performance and security and are relentless in their pursuit of a flawless customer experience. They have a continuous improvement mindset and follow best practices, helping our company deploy services with incredible speed, consistency and availability.
Who are you?
- You live and work in a country without visa restrictions
- You have strong written and verbal communication skills (in English)
- You have over 5 years of professional experience
- You are passionate about problem solving and automation
Responsibilities
- Define and implement security standards at the infrastructure level, working closely with engineering and business leaders
- Support complex cloud native infrastructure projects and other technology initiatives in support of our business priorities while ensuring compliance standards, frameworks, and security requirements are met
- Engage with development and quality teams to create, and update security-related policies, standards, and procedures, developing creative solutions, clarifying them when questions arise and tracking risk acceptance.
Required Skills
- Prior experience with security processes, standards, and strategies
- Experience with certificate management, encryption, authentication and authorization and RBAC using IAM.
- Experience securing web frontends, including load balancers and nginx web servers.
- Familiarity with most major AWS services, especially security groups, cloudfront, lambda and VPC.
- Familiarity with relational databases (PostgreSQL is preferred)
- Experience with Agile Development in at least one scripting language (Go, python, bash, ruby)
- Demonstrated experience with terraform and cloudfront.
- Kindness. Collaboration skills. Willing to celebrate others
- Strong verbal and written communications skills
Desired Skills
- Experience with SOC/2 or ISO/27001 certification.
- Experience securing Kubernetes and container security management.
- Experience with Istio and kubernetes ingress
- Experience with securing Elasticsearch and DynamoDB
Benefits
- Competitive salary
- Matching 401k
- Medical, Dental, and Vision Benefits
- Dependent & Health FSA, Short/Long Term Disability, Basic & Voluntary Life Insurance
- Unlimited PTO policy
- Company allowance for home office supplies
- 12 weeks paid parental leave
- Opportunity to make a difference through helping life-saving products get to market
A note to candidates:
Studies have shown that women and people of color are less likely to apply for jobs unless they believe they meet every single one of the qualifications as described in a job description. We are committed to building a diverse and inclusive company and we are most interested in finding the BEST candidate for the job. That candidate may be one who comes from a less traditional background, and that’s okay. We would strongly encourage you to apply, even if you don't believe you meet every one of the qualifications described.
