SNI Companies
Job Details
This is a temp to hire position. All candidates are required to live within a commutable distance to Andover, MA. Relocation candidates will not be considered. No C2C or Third party. This is a fully on-site position.
The Platform Security Engineer is responsible for securing an organization's infrastructure, applications, and cloud environments by designing, implementing, and monitoring security controls. This role ensures that security best practices are integrated into the development and deployment pipelines, often through an Internal Developer Platform (IDP). They also play a key part in incident response, vulnerability management, and ensuring compliance with security standards. Essential Functions The essential responsibilities performed within this position include: Individual Contributor • Designing and implementing policy-as-code solutions to govern access and infrastructure configurations automatically. • Build security gates into CI/CD pipelines that can catch vulnerabilities before they reach prod, and manage infrastructure security policies for increasingly complex cloud-native environments. • Analyzing and visualizing security telemetry data by using aggregation tools and AI techniques to identify patterns, detect anomalies, and gain insights into system behavior for themselves and others. • Proactively identifying and resolving issues using vulnerability data to pinpoint root causes of problems and implement automated solutions in collaboration with the engineering team. • Optimizing platform tactics to enable rapid response and mitigation of vulnerabilities and suspicious behavior; create incident response playbooks and, where possible, automated remediation workflows to minimize impact. • Ensuring compliance through systemic monitoring of translated compliance requirements such as NIST CSF, ISO 27001, CIS and OWASP into automated checks and controls. • Work with software engineering, Site Reliability Engineers, the platform team, and other stakeholders to ensure security is integrated into the platform and its applications. Platform Security Engineer Page | Confidential 2 Information Security • Provide security guidance and direction to the engineering team, ensuring adherence to monitoring and alerting best practices related to security incident event monitoring. • Review code, architecture, and designs within platform engineered products to identify risks and apply security monitoring and alerting practices. • Identify and implement automated security controls and policy enforcement at scale across the platform lifecycle. • Keeping informed about new security tools and techniques and implement them to improve platform and code security. • Owner and champion of our Secure Software Development framework and integration of automated security controls. • Create and implement a continuous threat hunting operating model that is integrated across the layer of the platform in collaboration team members. Other duties as assigned. Qualifications Competencies The competencies of our people algin with our company's core values and include: • Be a Champion with: o Integrity and Trust: The ability to skillfully interact from top to bottom and bottom to top requires integrity and trust, which starts at the top. • Value Everyone by: o Having a Customer Focus: We collectively service customers every day. Getting firsthand customer information and using it for improvements is essential. o Focused on Peer Relationships: quickly find common ground and solve problems as a cooperative team player who can collaborate, be candid, and gain the trust and support of peers. • Be an Expert by: o Priority Setting: Often priority setting occurs at the individual level but requires managerial guidance and vice versa. Skilled priority setting establishes this collaborative norm. o Being Functionally / Technically proficient: Has the functional and technical knowledge and skills to do the job at a high level of accomplishment. o Problem Solving: Probes all fruitful sources for answers. Platform Security Engineer Page | Confidential 3 Skills The functional / technical skills you must demonstrate include: • Must have a working knowledge of TCP/IP, DNS, and HTTP protocols to understand how data is transmitted and received over a network to assess how to configure network settings, set up firewalls, and ensure that network connections are secure and stable. • Have a deep understanding of CI/CD concepts and experienced in Software Development and it processes. • Strong problem-solving and analytical skills and independent proficiency to identify root causes of problems and implement effective solutions. • Ability to work with cross-functional teams and effectively communicate technical information. Experience • Minimum of 5+ year professional experience in AWS security infrastructure and services. • Minimum of 10+ year professional experience in custom developed web applications with an emphasis on secure coding. Education • Bachelor's degree in computer science, information systems or a related field, or equivalent work experience. • Relevant verifiable certifications like CompTIA Security+, Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or AWS Security Specialty. Requirements Physical Demand • This job operates in a professional office environment. • Most periods of time regularly require standing, sitting, talking, hearing, and use hands and fingers to operate a computer, telephone, and keyboard. • Some periods of time may be spent in computer room and communications equipment spaces for installation, testing, and troubleshooting. Some work requires moving and lifting of moderate to heavy computer equipment. Platform Security Engineer Page | Confidential 4 Attendance • This is a full-time position. Days and hours of work are Monday through Friday, 8:15 am to 4:30 pm and must work 37.5 hours each week to maintain full-time status. • Work schedules may differ based upon responsibilities demanding before or after hours to meet a business need. • Remote working for those that are eligible is at the discretion of Management. • This role may require infrequent, minimal travel to attend technology education conferences and training.
Get job alerts by email.
Sign up now!
This is a temp to hire position. All candidates are required to live within a commutable distance to Andover, MA. Relocation candidates will not be considered. No C2C or Third party. This is a fully on-site position.
The Platform Security Engineer is responsible for securing an organization's infrastructure, applications, and cloud environments by designing, implementing, and monitoring security controls. This role ensures that security best practices are integrated into the development and deployment pipelines, often through an Internal Developer Platform (IDP). They also play a key part in incident response, vulnerability management, and ensuring compliance with security standards. Essential Functions The essential responsibilities performed within this position include: Individual Contributor • Designing and implementing policy-as-code solutions to govern access and infrastructure configurations automatically. • Build security gates into CI/CD pipelines that can catch vulnerabilities before they reach prod, and manage infrastructure security policies for increasingly complex cloud-native environments. • Analyzing and visualizing security telemetry data by using aggregation tools and AI techniques to identify patterns, detect anomalies, and gain insights into system behavior for themselves and others. • Proactively identifying and resolving issues using vulnerability data to pinpoint root causes of problems and implement automated solutions in collaboration with the engineering team. • Optimizing platform tactics to enable rapid response and mitigation of vulnerabilities and suspicious behavior; create incident response playbooks and, where possible, automated remediation workflows to minimize impact. • Ensuring compliance through systemic monitoring of translated compliance requirements such as NIST CSF, ISO 27001, CIS and OWASP into automated checks and controls. • Work with software engineering, Site Reliability Engineers, the platform team, and other stakeholders to ensure security is integrated into the platform and its applications. Platform Security Engineer Page | Confidential 2 Information Security • Provide security guidance and direction to the engineering team, ensuring adherence to monitoring and alerting best practices related to security incident event monitoring. • Review code, architecture, and designs within platform engineered products to identify risks and apply security monitoring and alerting practices. • Identify and implement automated security controls and policy enforcement at scale across the platform lifecycle. • Keeping informed about new security tools and techniques and implement them to improve platform and code security. • Owner and champion of our Secure Software Development framework and integration of automated security controls. • Create and implement a continuous threat hunting operating model that is integrated across the layer of the platform in collaboration team members. Other duties as assigned. Qualifications Competencies The competencies of our people algin with our company's core values and include: • Be a Champion with: o Integrity and Trust: The ability to skillfully interact from top to bottom and bottom to top requires integrity and trust, which starts at the top. • Value Everyone by: o Having a Customer Focus: We collectively service customers every day. Getting firsthand customer information and using it for improvements is essential. o Focused on Peer Relationships: quickly find common ground and solve problems as a cooperative team player who can collaborate, be candid, and gain the trust and support of peers. • Be an Expert by: o Priority Setting: Often priority setting occurs at the individual level but requires managerial guidance and vice versa. Skilled priority setting establishes this collaborative norm. o Being Functionally / Technically proficient: Has the functional and technical knowledge and skills to do the job at a high level of accomplishment. o Problem Solving: Probes all fruitful sources for answers. Platform Security Engineer Page | Confidential 3 Skills The functional / technical skills you must demonstrate include: • Must have a working knowledge of TCP/IP, DNS, and HTTP protocols to understand how data is transmitted and received over a network to assess how to configure network settings, set up firewalls, and ensure that network connections are secure and stable. • Have a deep understanding of CI/CD concepts and experienced in Software Development and it processes. • Strong problem-solving and analytical skills and independent proficiency to identify root causes of problems and implement effective solutions. • Ability to work with cross-functional teams and effectively communicate technical information. Experience • Minimum of 5+ year professional experience in AWS security infrastructure and services. • Minimum of 10+ year professional experience in custom developed web applications with an emphasis on secure coding. Education • Bachelor's degree in computer science, information systems or a related field, or equivalent work experience. • Relevant verifiable certifications like CompTIA Security+, Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or AWS Security Specialty. Requirements Physical Demand • This job operates in a professional office environment. • Most periods of time regularly require standing, sitting, talking, hearing, and use hands and fingers to operate a computer, telephone, and keyboard. • Some periods of time may be spent in computer room and communications equipment spaces for installation, testing, and troubleshooting. Some work requires moving and lifting of moderate to heavy computer equipment. Platform Security Engineer Page | Confidential 4 Attendance • This is a full-time position. Days and hours of work are Monday through Friday, 8:15 am to 4:30 pm and must work 37.5 hours each week to maintain full-time status. • Work schedules may differ based upon responsibilities demanding before or after hours to meet a business need. • Remote working for those that are eligible is at the discretion of Management. • This role may require infrequent, minimal travel to attend technology education conferences and training.
Get job alerts by email.
Sign up now!