The Linux SecOps Administrator is a technical information security position, bringing together responsibilities from both the Information Security and Information Technology disciplines, with an emphasis on improving our security posture. The ideal candidate will be a person with a strong technical background in Linux who possesses Information Security, Vulnerability Management, or SecOps experience. This role is primarily responsible for the research, implementation, ongoing monitoring/management, and continual improvement of our security/vulnerability/risk management and monitoring tools. Secondary responsibilities will be general systems administration, handling general IT projects and support, functioning as a technical escalation point for the Production Support organization, and learning about and contributing to Cloud Engineering projects and activities. This makes it a great opportunity for a security-savvy Linux admin who’s been looking for an opportunity to learn Cloud technologies on the job and grow their technical skill set!
- Manage and administer our deployed information security tools.
- Monitor and review outputs from security tools to evaluate security risks and vulnerabilities, determining where remediation or other action is required.
- Review and respond to security events generated by our security tools, acting or escalating the alerts as appropriate.
- Optimize security tool configuration, adding new security alerts, rules, triggers, or integrations to the tools as needs change or threats evolve.
- Research and implement new or replacement tools and associated integrations to meet new or changing information security needs.
- Work with the Information Security Office on the following:
  - Ensure our tools are creating appropriate outputs which meet the evidentiary requirements of our Information Security and Compliance Controls.
  - Research and implement new capabilities and/or new tools to meet new or changing controls requirements over time.
  - Ensure changes to Information Security Policies and Procedures are implemented on the technology side, acting as a technology advocate for the Information Security Office on getting such projects prioritized and placed appropriately on team project boards.
  - Update Security Policies and Procedures around changes to our information security tools and processes to keep them reflective of current reality in behavior or process.
- Perform general Linux Administration work, including contributing to Linux Automation as part of the Cloud Platform under management.
- Execute general IT projects that deal with technologies or services not owned by our Cloud Engineering team.
- Perform Linux security optimization for our infrastructure, including tasks like OS hardening, security setting governance, and review of Linux work done by the Cloud Engineering team to ensure it meets appropriate practices and standards, coaching those staff as appropriate to enact necessary changes.
- Provide an escalation point for the Production Support organization, helping with Linux and Cloud Platform questions, engaging Cloud Engineering resources as required.
- At least 3 years of Linux/Unix experience (e.g.: Ubuntu, RHEL, CentOS) with ability to demonstrate advanced-level expertise working with the shell and command line tools, performing system analysis and tuning, file system management, provisioning, and package management.
- Experience doing vulnerability review (e.g. CVEs) and determination of applicability to servers/services.
- Experience doing patch review (e.g. yum/apt updates) and determination of applicability to deployed servers/services.
- Solid understanding of TCP/IP and networking fundamentals.
- Experience with bash scripting is required, as well as working knowledge of complementary utilities such as sed, awk, sort, tr, xargs, etc.
- Understanding of protocols/technologies like HTTP, SSL/TLS, LDAP, JDBC/ODBC, SQL, HTML, XML.
- Must be willing to support an after-hours on-call rotation.
- Experience working with customers to diagnose a problem and work toward resolution.
- Demonstrated ability to work well under pressure.
- Need to be highly motivated to learn new things.
- Need to have strong written and verbal communication skills.
- Effective prioritization and time management skills.
- Demonstrated ability to deliver upon project commitments independently.
- Hands-on experience with AWS or other Cloud platforms is a big plus.
- 5+ years of experience with Linux/Unix preferred.
- Knowledge of one or more vulnerability scanning tools.
- Knowledge of one or more security event monitoring tools.
- Knowledge of one or more NIDS or HIDS tools.
- Experience using higher-level scripting languages (e.g.: Perl, Python, Ruby) is a plus.
- Experience with Google Suite (Drive, Mail, Docs, etc.) is a plus.
- Experience with MacOS is a plus.
- Experience using configuration management/automation tools (e.g. Puppet, Chef, Ansible, etc.) is a plus.
- Kung Fu (because the night is dark and full of terrors)
To apply for this job, email your details to firstname.lastname@example.org