SecOps Engineer United States
Formstack transforms the way you collect data and put it to work.
We are looking for a SecOps Engineer to help us accomplish this mission!
Formstack is a 15-year-old company with roots in Indianapolis. Our customers span 110 different countries, and our employees live and work across the U.S. and the globe. We provide a work environment that is flexible and provides great freedom for those who can perform. We are seeking people who demonstrate an ability to work effectively with individuals from diverse cultures and backgrounds.
Who You Are:
- You have a high attention to details and are motivated to learn how to improve our security posture.
- You can prioritize work and are comfortable with priorities changing.
- You can break large projects into manageable chunks to make them easier to work on and consume.
- You can identify roadblocks, maybe not always fix them, but you can call them out so the team can put their heads together to find a proper solution.
- You recognize that large projects can take considerable time to accomplish and that's okay.
- You can set measurable goals for yourself, and you take operational responsibility seriously.
What You’ll Do:
- Manage priority for security and compliance related infrastructure changes
- Auditing firewall/security groups for PCI compliance
- Work with the DevOps team to share responsibility for implementing security related changes. DevOps provides the tools to perform this work and can assist with the work. Ultimately DevOps needs to offload this work to SecOps
- Implement Policy as Code using Terraform Sentinel. For example, disallowing S3 buckets to be created unless encryption is enabled.
- O/S hardening
- WAF rule management
- Work with Privacy, Security, and Risk team during compliance audits
- Managing allowed / disallowed services in AWS and other providers depending on security framework
How You Will Succeed:
- Work closely with DevOps, and the Privacy, Security, and Risk (PSR) team to prioritize and share workload where appropriate between the three teams.
- Find and document potential security risks including priority, risk, and mitigation.
- Use commandline tools such as Terraform, AWS CLI.
- Use software such as FIMS, HIDS, and security scans to identify security vulnerabilities
- Enjoys actively searching for problems and discussing their findings with other team members.
- Travel (<10%) for team meetups, conferences, etc.
What/Who We’re Looking For:
- Excellent communication skills
- Ability to prioritize tasks
- A team player who excels in highly collaborative environments
- Must be fluent in written and spoken English
- Experience with Terraform and Terraform Sentinel
- Experience with configuration management such as Ansible, Chef, Puppet, etc.
Salary Range: $90,000 - $100,000 (USD)
This position is available via remote work or based out of one of our two office locations (Indianapolis, IN, or Colorado Springs, CO)
This is a Remote (work from anywhere) position.
What Formstack Offers:
- Free health plans, as well as company-paid Dental, Vision, Disability, and Life Insurance Benefits for US and Canadian full-time employees.
- Unlimited PTO for all employees.
- Retirement accounts with company matching for US and Canadian full-time employees.
- The most up-to-date technology, including company-issued Macs, the latest software, and other tools needed to excel at your job
- Company-paid conferences and extended learning opportunities
- Yearly company gatherings
Want to learn more about who we are and what we value? CLICK HERE to hear from some current Formstackers about what matters most!
Formstack is proud and dedicated to providing Equal Employment Opportunities.
Formstack maintains a policy that Equal Employment Opportunities be available to all persons without regard to race, gender, age, color, religion, national origin, ancestry, citizenship status, disability, sexual orientation, gender identity, genetic information, union affiliation, veteran status or any other characteristic protected by law. This means we do not discriminate in any aspect of employment based on any of these characteristics. This policy applies to all applicants and employees through all phases of employment, including but not limited to hiring, promotion, treatment during employment, demotion, and termination.
Salary ranges are determined by industry research and trends. Individual salaries are based on skills, experience, and geographical location. Compensation is reviewed on a regular basis and adjustments are made accordingly.
All data collected in our application process from resume collection to application questions is used for recruitment purposes only. We will store it in our applicant tracking system, JazzHR, and will not share this data with anyone else. We will keep your data until the role is filled and only continue to store it if we feel you may fit future roles.
Thank you for your interest in Formstack!