Sysdig is the secure DevOps company, and we’re at the forefront of the container and Kubernetes revolution. We are passionate, technical problem-solvers, continually innovating and delivering powerful solutions to secure and operate cloud-native applications in production. Our consistent contributions to open source software projects reflect our commitment to the open cloud movement.
We value diversity and open dialog to spur ideas, working closely together to achieve goals. And we're a great place to work too — we were awarded the 2019 Bay Area Best Places to Work Award from San Francisco Business Times and the Silicon Valley Business Journal. We are looking for team members who share our commitment to customers and are willing to dig deeper, understand problems and deliver innovative solutions. Does this sound like the right place for you?
As a Security Engineer at Sysdig, you will be responsible for the day-to-day operation, maintenance, and monitoring of a wide variety of security tools and applications that support the overall Information Security program. This is a technical, hands-on position. You will help with infrastructure and application security, identity and access management, governance and controls and Sysdig’s overall security posture.
- Identify any potential security gaps in existing application infrastructure and work with appropriate stakeholders for remediation
- Monitor security information in a global environment, identifying threats, and taking actions on alerts
- Investigate intrusion attempts and perform in-depth analysis of exploits
- Perform due diligence in ensuring that appropriate technology solutions are chosen to facilitate security at the application level
- Perform static and dynamic application security testing and work with developers towards remediation of any identified issues
- Implement application security automation by integrating SCA, SAST, and DAST tools into the CI/CD pipeline
- Bachelors in Computer Science or a related field
- 2-5 years in a security engineering role
- Expertise applying security principles to cloud native environments (AWS, containerization, and microservices)
- Proficient in Java, Python or Go
- Proficient with security tools such as Burp Suite, OWASP ZAP, CheckMarx, Veracode, MetaSploit, App Spider etc.
- Experience with automation and CI/CD tools such as Terraform and GitHub
- Experience with automated application testing tools/frameworks e.g. Selenium, SonarQube
- Experience with user/customer identity management, authentication and authorization frameworks
Amazon Web Services (AWS), Kubernetes, Terraform, Java, Go, Linux, SonarQube
Are you ready to join us?
We're excited to receive your application.