What’s the opportunity?
As a Senior Cloud Security Engineer you will have experience in investigating advanced threats, detecting cloud-native attacker techniques, and securing AWS environments, with a focus on technical controls, incident response, and detection engineering. You will be working with other engineering teams to identify & mitigate risks across our cloud infrastructure. You will develop and enforce security measures within our cloud infrastructure, delivering a safe and secure engineering environment. This role requires a deep understanding of security best practices, the threat landscape, and the ability to implement and enforce robust security measures. You will identify and detect threats to our business and drive our response to security incidents. The ideal candidate should have a strong background in cloud computing, infrastructure as code, and possess a deep understanding of AWS services.
Become a Senior Security Engineer of the Cloud Security team and join the globally distributed Information Security group, overseeing the security and trust of Intercom for 25,000+ businesses through defining and holding the bar for the security of our product.
What will I be doing?
As a Senior Security Engineer on the cloud security engineering team you will:
- Leverage cloud-native security tools (e.g., IAM, GuardDuty, AWS WAF, Security Hub) along with EDR and SIEM to enhance security posture.
- Develop strategies, frameworks, automations and processes to advance the Detection and Response program.
- Create Protective and Detective controls using open-source and closed-source intelligence sources to address gaps and detect potential intrusions.
- Collaborate with product engineering teams to manage and resolve security incidents, ensuring effective containment and mitigation.
- Automate security controls and compliance checks to maintain adherence to security standards.
- Partner with infrastructure teams to expand automation and infrastructure as code practices for secure, scalable operations.
What skills do I need?
We recognise that sometimes these lists can appear as strict requirements, but that’s not the case. Even if you feel you have a subset of the experience below - that’s ok, we’d love to talk to you!
- Experience in investigating advanced threats and detecting cloud-native attacker techniques using a modern detection engineering approach, with deep expertise in attacker behavior, technical controls, and diverse technologies.
- Experienced in securing AWS environments, developing detections, and responding to security incidents, including containment, investigation, and recovery.
- Solid understanding and demonstrated expertise managing AWS security controls and ensuring the security of cloud service offerings (IAM, VPC, firewalls/ACL, IDS/IPS, WAF, Linux hosts, serverless, etc.)
- Proficiency in high-level programming language (e.g., Python, Ruby) for automation of security tasks.
- Experience in implementing Infrastructure as Code (IaC) practices using tools such as Terraform, AWS CloudFormation, or similar.
- An ability to thrive in a fast-moving environment. You’ll have the autonomy to prioritise, explore and determine your own solutions to problems.
How will I be supported?
- You will report to the Cloud Security Engineering Manager.
- You will buddy with another Cloud Security engineer who will help you to onboard and get up to speed quickly.
- You will have a close group of InfoSec peers to collaborate with and learn from.
- We invest heavily in our Engineers, supporting individual career development through training and coaching.
Benefits
We are a well-treated bunch, with awesome benefits! If there’s something important to you that’s not on this list, talk to us! :)
- Competitive salary and equity in a fast-growing start-up
- We serve lunch every weekday, plus a variety of snack foods and a fully stocked kitchen
- Regular compensation reviews - we reward great work!
- Pension scheme & match up to 4%
- Peace of mind with life assurance, as well as comprehensive health and dental insurance for you and your dependents
- Flexible paid time off policy
- Paid maternity leave, as well as 6 weeks paternity leave for fathers, to let you spend valuable time with your loved ones
- If you’re cycling, we’ve got you covered on the Cycle-to-Work Scheme. With secure bike storage too
- MacBooks are our standard, but we also offer Windows for certain roles when needed.
#LI-Hybrid