Security Engineer

As a Cloud Security Engineer, the primary role is to support the security of our cloud environments across AWS, GCP, and Azure. This involves assisting in identifying and mitigating security risks, using cloud-native security tools, and helping manage security solutions. The engineer will work with various teams to incorporate security into the software development lifecycle and assist in maintaining threat models. They will also help ensure compliance with security and regulatory requirements, assist in suggesting risk mitigation strategies, and respond to security queries from clients and partners. Familiarity with cloud security platforms like CNAPP, CSPM, CWPP, CASB, CIEM, and the Wiz tool is beneficial.

Responsibilities:

The Cloud Security Engineer primary job responsibilities include:

• Experience or familiarity with cloud security or engineering in public cloud providers AWS, GCP, and Azure.
• Assist in evaluating, reviewing, and deploying cloud native security tools in AWS and Azure.
• Support in monitoring, configuring rules, and enforcement using cloud security platforms such as CNAPP, CSPM, CWPP, CASB and CIEM.
• Assist in utilizing the Wiz tool for cloud security posture management, including configuration analysis, vulnerability detection, and compliance monitoring.
• Support in selecting and acquiring additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
• Assist in determining, monitoring, and maintaining our security posture, in collaboration with the Engineering team.
• Support in overseeing and managing the deployment, integration, and configuration of security solutions and any enhancements to existing security solutions and the enterprise’s security documents.
• Collaborate with development, operations, and security teams to integrate security into all phases of the software development lifecycle.
• Assist in developing and maintaining threat models for cloud environments and help train engineering teams to develop attacker/risk-driven design skills.
• Actively partner with infrastructure, application, and other stakeholders to ensure deployed solutions minimize security and privacy risks.
• Assist in recommending actions/practices to management to ensure compliance with security and regulatory requirements in decision-making processes.
• Suggest actions to mitigate risk in any activity that potentially impacts the security of existing IT and information management.
• Assist in crafting responses to client and partner security questionnaires.
• Other duties as assigned

REQUIREMENTS

• B.A. or B.S. in Computer Science or a similar engineering program, or equivalent experience.
• 5+ years of Cloud Information Security experience, with a focus on public cloud providers such as AWS, GCP, and Azure.
• AWS Security, CISSP, CISA, OSCP or other information security certification is a plus.
• Experience in performing security reviews of cloud application designs, source code and deployments is beneficial.
• Must stay up to date on the latest cloud security advisories, alerts, and vulnerabilities.
• Strong verbal and written communication skills for a highly collaborative environment.
• Attention to detail and focus on quality of deliverables.
• Familiarity with AWS services like EC2 & ECS, WAF & VPC configuration & IAM rules, and cloud security platforms such as CNAPP, CSPM, CWPP, CASB, CIEM is beneficial.
• Familiarity with Infrastructure as Code (IaC) tools like Terraform/CloudFormation is a plus.
• Comfortable with Python and able to read Java when necessary, with an emphasis on cloud security scripting and automation.
• Proven team experience and comfort in a team-oriented environment.
• Passion for working with cloud technology and excitement for creating high quality, secure consumer technology products.

WHY WORK FOR ALARM.COM?

• Collaborate with outstanding people: We hire only the best. Our standards are high and our employees enjoy working alongside other high achievers.
• Make an immediate impact: New employees can expect to be given real responsibility for bringing new technologies to the marketplace. You are empowered to perform as soon as you join the Alarm.com team!
• Gain well-rounded experience: Alarm.com offers a diverse and dynamic environment where you will get the chance to work directly with executives and develop expertise across multiple areas of the business.
• Work with the latest technologies: You’ll gain exposure to a broad spectrum of IoT, SaaS, and M2M technologies including wireless communication, video monitoring, smart home automation, web development, and backend application development and hosting.
• Focus on fun: Alarm.com places high value on our team culture. We even have a committee dedicated to hosting a stand-out holiday party, happy hours, and other fun corporate events.
• Alarm.com values working together and collaborating in person. Our employees work from the office 4 days a week.

COMPANY INFO

Alarm.com is the leading cloud-based platform for smart security and the Internet of Things. More than 7.6 million home and business owners depend on our solutions every day to make their properties safer, smarter, and more efficient. And every day, we’re innovating new technologies in rapidly evolving spaces including AI, video analytics, facial recognition, machine learning, energy analytics, and more.  We’re seeking those who are passionate about creating change through technology and who want to make a lasting impact on the world around them.

For more information, please visit www.alarm.com.

COMPANY BENEFITS

Alarm.com offers competitive pay and benefits inclusive of subsidized medical plan options, an HSA with generous company contribution, a 401(k) with employer match, and paid holidays, wellness time, and vacation increasing with tenure. Paid maternity and bonding leave, company-paid disability and life insurance, FSAs, well-being resources and activities, and a casual dress work environment are also part of our outstanding total rewards package!

Alarm.com is an Equal Opportunity Employer

In connection with your application, we collect information that identifies, reasonably relates to or describes you (“Personal Information”). The categories of Personal Information that we may collect include your name, government-issued identification number(s), email address, mailing address, other contact information, emergency contact information, employment history, educational history, criminal record, and demographic information.  We collect and use those categories of Personal Information about you for human resources and other business management purposes, including identifying and evaluating you as a candidate for potential or future employment or future positions, recordkeeping in relation to recruiting and hiring, conducting criminal background checks as permitted by law, conducting analytics, and ensuring compliance with applicable legal requirements and Company policies.  By submitting your application, you acknowledge that we may retain some of the personal data that you provide in your application for our internal operations such as managing our recruitment system and ensuring that we comply with labor laws and regulations even after we have made our employment decision

Notice To Third Party Agencies

Alarm.com understands the value of professional recruiting services.  However, we are not accepting resumes from recruiters or employment agencies for this position. In the event we receive a resume or candidate referral for this position from a third-party recruiter or agency without a previously signed agreement, we reserve the right to pursue and hire those candidate(s) without any financial obligation to you. If you are interested in working with Alarm.com, please email your company information and standard agreement to [email protected].