We are looking for an enthusiastic Security Automation Engineer to “automate all the things!” –information security controls, processes, tests, and audits.

The Security Automation Engineer leads integration and automation efforts in all areas of TrackVia's security program.  The engineer will develop automated solutions to eliminate manual security operations tasks, enrich security events into actionable alerts, and create response playbooks.  This role will have significant input and contribution to our security orchestration and automated response (SOAR) capabilities.  The position combines proven integration and automation skills with a passion for security.  The position is highly collaborative and requires excellent communication and teamwork.  The Security Automation Engineer reports to the Director, Information Security and is located at TrackVia’s corporate headquarters in Denver, Colorado.

Job Responsibilities:

• Develop and maintain a security automation roadmap
• Lead security orchestration and automated response efforts
• Build collaborative relationships with Operations and Engineering teams
• Participate in incident response activities
• Support security metrics through automated testing and auditing of security controls
• Contribute to information security planning: strategy, standards, roadmaps, prioritization, sprints
• Support compliance efforts by producing security related artifacts
• Maintain awareness and knowledge of information security threats and vulnerabilities
• Maintain awareness and knowledge of AWS services and related guidance
• Maintain awareness and knowledge of major information security frameworks/guidance, e.g., CSA Controls Matrix, NIST CSF

Requirements:

• A passion for process improvement, efficiency, and to “automate all the things!”
• A strong interest in information security as a career field
• An attitude of “problems are opportunities!”
• You have excellent attention to detail, planning, and time management skills
• You work equally as well in a team setting or directing your own efforts
• Proven integration and automation skills via REST APIs and microservices
• Strong automation development/scripting skills with Python
• Strong Linux skills
• Ability to lead automation projects
• Experience working within Agile and Kanban frameworks
• Experience supporting AWS environments
• Familiarity with open-source or commercial integration platforms, preferably Workato
• Familiarity with open-source or commercial security orchestration and automated response (SOAR) platforms
• Familiarity with open-source or commercial SIEM, IDS/IPS, and vulnerability scanning solutions
• 4+ years development and/or automation experience
• 3+ years of experience working in AWS environments
• U.S citizenship is required

Preferred:

• Four-year college degree in Computer Science, Information/Cyber Security, Management Information Systems, or related discipline
• Relevant information security certification, e.g., CISSP, CEH, GSEC
• AWS certification, e.g., Solutions Architect, Security Specialty
• Familiarity with security best practices, standards, and frameworks, e.g., CSA Controls Matrix, NIST CSF
• Familiarity with information security exploits, threats, and adversarial tactics, e.g., OWASP Top 10, MITRE ATT&CK
• Experience with compliance audits, e.g., SOC2, HIPAA, PCI-DSS, ISO-27001, FedRAMP
• Experience as a DevOps engineer
• Experience with Docker and Kubernetes

Salary & Benefits

• The salary range for this position is $80,000 - $120,000 depending upon experience
• We cover 100% medical, dental, and vision benefits
• We understand you have a life outside of work and have an unlimited, flexible time-off policy
• We provide competitive paid parental leave for all new parents after 6 months
• We made Built in Colorado’s 2020 Best Small Companies to Work For list and received an Honorable Mention for Outside Magazine’s 2020 Best Places to Work
• You will have the opportunity to challenge yourself and have a high degree of responsibility and impact
• Your daily tasks will change often and give you many opportunities to grow your professional and technical skillset and advance your career