Staff Information Security Engineer

Overview

• As a Staff Information Security Engineer, you will play a pivotal role in designing, implementing, and maintaining robust security measures to safeguard our cloud network infrastructure. You will be responsible for ensuring the confidentiality, integrity, and availability of our critical systems, as well as proactively identifying and mitigating potential security threats.

• In this role, you will be a core contributor in ensuring the security of Recharge’s cloud platform. You will collaborate, both within and outside of your team to clarify, theorize, figure out, and decide solutions to complex problems.

What you’ll do

• Network Security Architecture:

  • Design, implement, and maintain secure network architectures, ensuring the confidentiality, integrity, and availability of data.

  • Create and maintain network and security documentation.

  • Collaborate with cross-functional teams to integrate security measures into network designs and implementations.

• Firewall and Intrusion Prevention:

  • Configure and manage firewalls (including WAFs), intrusion prevention systems, SIEM, and other network security devices and/or tools.

  • Monitor network traffic for unusual activity and respond to security incidents in a timely manner.

• Vulnerability Assessment:

  • Conduct regular vulnerability assessments on network infrastructure to identify and remediate potential security risks.

  • Stay abreast of emerging threats and vulnerabilities, applying proactive measures to protect against them.

• Incident Response:

  • Maintain and continuously improve incident response plans, participate in tabletop exercises, and lead incident response efforts when necessary.

  • Collaborate with internal teams and external stakeholders to investigate and mitigate security incidents.

• Mentor other engineers on security configurations and best practices

• Investigate, analyze and evangelize good security posture throughout the organization

• Live by and champion our values: Accountability, Collaboration, Iteration and Details

What you’ll bring

• Network security design experience and an an in-depth knowledge of network protocols, firewall configurations, and intrusion detection/prevention systems

• Robust understanding of WAF technologies such as Akamai, Cloudflare, Google Cloud Armor, Imperva, etc

• Experience configuring SIEM tools such as Splunk, LogRhythm, FileVault, etc

• Extensive knowledge of Vulnerability Management practices

• Understanding of virus and malware defense systems such as Crowdstrike, Sentinel One, Trend Micro, etc

• Understanding of backup systems and disaster recovery planning

• Experience with security assessment tools and techniques

• Ability to manage multiple projects, activities, and tasks simultaneously

• Ability to learn and support new systems and applications

• Strong analytical and problem-solving skills

• Excellent communication and collaboration skills

• Willingness to participate in a first line of support on-call rotation

• Desire to work remotely and to make an impact

Experience/Credentials/Education

• 10+ years of experience in network and/or security roles, with a focus on edge security tools

• 2+ years experience with k8s, Helm, IaC, Terraform and Docker

• 2+ years experience with Monitoring, Metrics and Logging (Splunk) solutions.

• 5+ years experience in cloud-native environments such as GCP, AWS, or Azure

• Bachelor’s degree in Computer Science, Information Technology, or related field

• Relevant certifications such as CISSP, CCSP, GSEC, or equivalent

Our stack

GCP, Kubernetes, GitLab, Helmfile, Terraform, Docker, Ansible, Nginx, Redis, CloudSQL/MySQL, Python, Flask, React, Vue.js, Snowflake, Looker