Responsibilities:
- Transform organizational and process challenges to achieve results that drive complex security efforts for internal and external customers
- Own security decisions across Procore including identifying, planning, and applying security advance concepts and principles
- Advocate for security as a subject matter expert across multiple organizations, holding discussions on security topics and drive automation where required
- Design, build, and review security-related services and functionality of web applications, mobile applications, and desktop applications
- Provide Procore's Engineering team with well-researched security advice to demonstrate vulnerabilities, collaborate with all teams to provide secure development guidance
- Triage vulnerabilities that are found internally or reported through our bug bounty program; serve as an escalation point of contact
- Conduct threat modeling, penetration testing, data security, DevSecOps, vulnerability management, and security metrics
- Work across Ruby on Rails, Apache, Nginx, PostgreSQL, AWS tech stacks
Skills Required:
- BS degree in Computer Science or equivalent practical experience, MS in Computer Science preferred
- 6+ years of experience in Application Security with at least 4 years of experience with software development (preferably Ruby on Rails or other interpreted programming languages) with deployment to a production environment experience
- Experience with penetration testing, threat modeling, open-source, and commercial security tools
- Experience with conducting threat assessments, building threat models, and creating remediation plans based on the results of threat assessments
- Deep background and experience in:
AWS services (EC2, ELB, RDS, Route53, S3, Lambda)
IAM implementation
AWS and orchestration tools
Linux experience;
OSCP Certification
Hashicorp Technologies (Consul, Terraform, Vault, Packer)
Containers and Container Management (Docker, Kubernetes)
Config Management (Puppet, Ansible, Salt)
Networking protocol knowledge (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
- Technical Certifications are a plus (GIAC, OCSP, CISSP)
Project Description:
What if you could use your technology skills to develop a product that impacts the way communities’ hospitals, homes, sports stadiums, and schools across the world are built? Construction impacts the lives of nearly everyone in the world, and yet it’s also one of the world’s least digitized industries, not to mention one of the most dangerous. That’s why we’re looking for a talented Principal Security Engineer to join us on our journey to revolutionize a historically underserved industry.
As a Principal Security Engineer on Procore's Infrastructure team, you’ll join a group of highly skilled Site Reliability, Security, Data Services and Production Engineers to support the Procore platform running on over 2,300 cloud-based systems. As a member of this group, you’ll be directly responsible for the security and uptime of cloud-based production systems ensuring the platform and services are secure and available 24/7/365.
About Zoolatech
We are an IT company that combines an extensive technology stack, flexibility, and charity projects. We are free from bureaucracy, and we share the idea of digital transformation.
– We are responsible and know that we create our own environment, so we strive to take care of others.
– We encourage and support colleagues in their desire to learn and develop professionally.
– Work-life balance is natural and genuine at ZoolaTech. We work and then have fun. Work-life balance matters to us.
Company website:
https://zoolatech.com/
DOU company page:
https://jobs.dou.ua/companies/zoolatech/
The job ad is no longer active
Job unpublished on
2 August 2020
Look at the current
jobs
Security
Kyiv→