Lead Infrastructure Security Engineer

How you can help make a better world of work

As a Lead Infrastructure Security Engineer, you will play a key role in our efforts to continuously secure the Culture Amp platform, meeting evolving threats through the implementation of infrastructure and application security controls.

Using your extensive AWS experience, you will engineer robust solutions to complex security challenges, while simultaneously working to reduce friction through automation and integration.

You also won’t be doing this alone. As the Infrastructure Security Engineering lead, you will combine your technical excellence and people leadership skills to lead and inspire your small team of talented security engineers.

This role is a unique and challenging opportunity to contribute to the security of the Culture Amp platform while working with talented engineers in a cloud-centric security environment with some of the latest technologies.

You will

• Demonstrate innovative security approaches to Cloud Native operating environments.
• Lead the implementation, and contribute to the design and operation of, security solutions across the Culture Amp environment. This includes engaging with all areas of the business and negotiating approaches, scopes, tasks and timelines as applicable, and leveraging resources from multiple teams to achieve outcomes.
• Conduct security assessments and reviews
  • Undertake the evaluation of applications, infrastructure, and code to identify vulnerabilities or non-compliance with security and engineering standards,
  • Support security assessments for Culture Amp solutions, and
  • Assist and support audit activity where required, including maintenance of audit records.
• Respond to security queries from team members across the organisation and champion security in key forums.
• Contribute your subject matter expertise to the development and improvement of policies, processes, standards.
• Bring, and demonstrate consistently, a continual improvement mindset to the role.
• Develop documentation on security tools and services
  • Actively and strongly contribute to the writing and upkeep of documentation on security tools, services and project work.
  • Identify and resolve gaps in documentation.
  • Strongly perform documentation reviews and provide actionable improvements.
• Build tooling, services and solutions to accelerate other teams in delivering features and infrastructure securely.

You have

You have the following technical capabilities:

• Strong experience with most/all of the following security technologies:
  • Identity and Access Management Providers
  • Cloud Security Posture Management (CSPM)
  • Data Loss Prevention (DLP)
  • Endpoint Detection and Response (EDR)
  • Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
  • Network Firewall
  • Security information and event management (SIEM)
  • Vulnerability Management tooling
  • Web Application Firewall (WAF)
• Both broad and deep experience and knowledge of AWS across the following areas:
  • Compute
  • Storage
  • Networking
  • IAM
  • Security, Controls and Governance
• Infrastructure as Code:
  • Strong and demonstrable experience with modelling and writing all the infrastructure layers as code within AWS.
  • Ability to identify, analyse and resolve situations where a compromise may need to be made during writing of infrastructure-as-code.
  • The ability and willingness to mentor others on the benefits, approach and implementation of infrastructure-as-code.
• Demonstrable experience with the following tools (or equivalents):
  • Visual Studio Code
  • Git
  • Code linting tools
  • AWS CLI
  • Typescript (NodeJS), Golang, or Python

We are looking for humans, not machines, and so you will bring these personal attributes:

• A demonstrable excellence in both written and verbal communication and collaboration.
• Flexible and resilient, especially when dealing with unexpected changes and issues.
• Prioritisation:
  • Comfortable making large prioritisation decisions, sometimes with minimal information at hand. This can be at an individual level, or at the team level.
  • Able to identify prioritisation conflicts and take the lead to resolve at team level.
• Work Style:
  • Strong ability to lead, and follow, team members where appropriate
  • Strong ability to work independently for long periods of time.
• As the Cybersecurity and Cloud industries change so fast, you can demonstrate a continual learning mentality.
• Regularly identify and solve large / cross-team problems or opportunities independently.
• The ability to respond to security events outside of usual work hours on a rostered basis.
• Certifications, Education and Experience
  • Formal education or equivalent applicable experience required.
  • Industry recognised infrastructure or security qualifications highly advantageous.