Security & IT Manager/DevOps Engineer
We are looking for a motivated individual to join our team who is interested in performing a hybrid role.
As Security &IT Manager / DevOps Engineer, you will perform several core functions and roles. The first is overseeing the continued development of the company’s ISO 27000 aligned Information Security program. The second is to manage the company’s internal Information Technology assets and systems. The third is to perform DevOps administration of our products’ AWS cloud-based infrastructure.
The Security & IT Manager role is expected to interface with the leaders of all internal teams to both share the corporate security vision with those individuals and to solicit their involvement in achieving higher levels of enterprise security through information sharing and cooperation.
The DevOps Engineer role is expected to be performed as an integral member of the product development team, working closely with the developers to automate the provisioning/configuring of our cloud-based infrastructure, as well as mechanisms to perform zero-downtime deployments of code releases to that infrastructure.
You must be able to work well and get along with others, and have a strong desire for professional development.
KEY RESPONSIBILITIES
Security - Strategy & Planning (20%)
Create and maintain the enterprise’s security architecture design.
Create, and maintain the enterprise’s security awareness training program.
Create and maintain the enterprise’s security documents (policies, standards, baselines, guidelines and procedures).
Create and maintain the enterprise’s Business Continuity Plan and Disaster Recovery Plan, where appropriate.
Security - Acquisition & Deployment (20%)
Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security as per the enterprise’s existing procurement processes.
Oversee the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.
Respond to client security due diligence requests regarding internal and product Security policies
Security & IT - Internal Systems Management (10%)
Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise workstations, servers and other systems and in databases and other data repositories
Ensure the enforcement of enterprise security documents
Supervise all investigations into problematic activity and provide ongoing communication with senior management
Supervise the design and execution of vulnerability assessments, penetration tests and security audits
Perform regular security awareness training for all employees to ensure consistently high levels of compliance with enterprise security documents
Manage 3rd party service providers to ensure services and security solutions provided deliver according to Security Requirements outlined in SLA and contract agreements
Procurement, provisioning, and decommissioning of all hardware assets (primarily laptops, phones, routers, and printer)
User management for all internal software (all SAAS products)
User management for internal physical access systems (key fobs & security system)
DevOps Engineer (50%)
Work closely with the development team on a regular basis to support ongoing infrastructure needs
Automate the provisioning of AWS cloud-based infrastructure (Servers, Volumes, Load Balancers, Virtual Networks, Security Groups, Firewalls, etc.) to allow on-demand creation of various product environments (dev, test, production, etc.)
Automate the configuration of infrastructure and servers including middleware applications (Web Servers, Application Servers, Docker, Postgres, etc.) for various product environments
Automate the verification / testing of infrastructure setups
Automate regular zero-downtime deployment mechanisms (code and/or new infrastructure)
Monitor infrastructure
Manage security updates
Manage disaster recovery mechanisms
Manage backup mechanisms
Assist in controlling infrastructure costs based on defined budgets
REQUIREMENTS
College diploma or university degree in the field of computer science, information technology and/or 3-5 years equivalent work experience.
Bonus points if working toward or has one or more of the following certifications:
GIAC Security Essentials Certification
GIAC Security Leadership Certification
ISACA Certified Information Security Manager
Microsoft Certified Systems Engineer: Security
(ISC)2 SCCP
(ISC)2 CISSP
(ISC)2 ISSAP
Knowledge & Experience
Experience managing firewalls, office networks, and VPN connections
Experience in enterprise security architecture design
Experience in enterprise security document creation
Experience in designing and delivering employee security awareness training
Experience in automating server and middleware setup is highly desirable
Experience with cloud-based infrastructure such as AWS is highly desirable, especially the automated setup of that infrastructure
Experience with configuring and managing popular open source middleware and database applications is a plus (such as docker, nginx, postgresql, ruby on rails, sidekiq, redis, etc.)
Experience with Ansible or Terraform is also a plus
ABOUT US
We are Altvia, a premier Salesforce.com partner that operates at the intersection of finance and technology. We deliver software solutions for Private Equity Fund Managers and Investors. At Altvia, we believe that exceptional employees are not only the key to our success, but also to our customers’ success.
Our products are all cloud-based, with a mixture of technologies that include Ruby on Rails, Ruby/Sinatra, JavaScript (React framework), and Salesforce technologies, with many of the applications hosted on Amazon AWS.
What We Have
We are a big family here at Altvia and we want new team members to know about our company culture which includes company traditions like Crock Pot Wednesday, annual ski trips, ping pong tournaments, etc. that help us to foster our unique environment
Our company values define and guide our culture
We value flexibility and a healthy work/life balance
We provide an opportunity to work for an entrepreneurial minded company in an exciting phase of growth
We offer a competitive compensation package including 100% paid coverage for the employee for Health, Dental, Life and Disability benefits (and generous coverage for dependents)
Generous Paid Time Off Policy with PTO and lots of company paid Holidays
401(k) with matching and participation in equity plan after a 6 month waiting period
This position is a full time position based in our Broomfield, CO office. No relocation assistance is provided.
Altvia is an Equal Opportunity Employer.