We are looking for a motivated individual to join our team who is interested in performing a hybrid role.

As Security &IT Manager / DevOps Engineer, you will perform several core functions and roles.   The first is overseeing the continued development of the company’s ISO 27000 aligned Information Security program.  The second is to manage the company’s internal Information Technology assets and systems. The third is to perform DevOps administration of our products’ AWS cloud-based infrastructure.

The Security & IT Manager role is expected to interface with the leaders of all internal teams to both share the corporate security vision with those individuals and to solicit their involvement in achieving higher levels of enterprise security through information sharing and cooperation.

The DevOps Engineer role is expected to be performed as an integral member of the product development team, working closely with the developers to automate the provisioning/configuring of our cloud-based infrastructure, as well as mechanisms to perform zero-downtime deployments of code releases to that infrastructure.

You must be able to work well and get along with others, and have a strong desire for professional development.

KEY RESPONSIBILITIES

Security - Strategy & Planning (20%)

• Create and maintain the enterprise’s security architecture design.

• Create, and maintain the enterprise’s security awareness training program.

• Create and maintain the enterprise’s security documents (policies, standards, baselines, guidelines and procedures).

• Create and maintain the enterprise’s Business Continuity Plan and Disaster Recovery Plan, where appropriate.

Security - Acquisition & Deployment (20%)

• Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.

• Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security as per the enterprise’s existing procurement processes.

• Oversee the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.

• Respond to client security due diligence requests regarding internal and product Security policies

Security & IT - Internal Systems Management (10%)

• Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise workstations, servers and other systems and in databases and other data repositories

• Ensure the enforcement of enterprise security documents

• Supervise all investigations into problematic activity and provide ongoing communication with senior management

• Supervise the design and execution of vulnerability assessments, penetration tests and security audits

• Perform regular security awareness training for all employees to ensure consistently high levels of compliance with enterprise security documents

• Manage 3rd party service providers to ensure services and security solutions provided deliver according to Security Requirements outlined in SLA and contract agreements

• Procurement, provisioning, and decommissioning of all hardware assets (primarily laptops, phones, routers, and printer)

• User management for all internal software (all SAAS products)

• User management for internal physical access systems (key fobs & security system)

DevOps Engineer (50%)

• Work closely with the development team on a regular basis to support ongoing infrastructure needs

• Automate the provisioning of AWS cloud-based infrastructure (Servers, Volumes, Load Balancers, Virtual Networks, Security Groups, Firewalls, etc.) to allow on-demand creation of various product environments (dev, test, production, etc.)

• Automate the configuration of infrastructure and servers including middleware applications (Web Servers, Application Servers, Docker, Postgres, etc.) for various product environments

• Automate the verification / testing of infrastructure setups

• Automate regular zero-downtime deployment mechanisms (code and/or new infrastructure)

• Monitor infrastructure

• Manage security updates

• Manage disaster recovery mechanisms

• Manage backup mechanisms

• Assist in controlling infrastructure costs based on defined budgets

REQUIREMENTS

• College diploma or university degree in the field of computer science, information technology and/or 3-5 years equivalent work experience.

• Bonus points if working toward or has one or more of the following certifications:

• GIAC Security Essentials Certification

• GIAC Security Leadership Certification

• ISACA Certified Information Security Manager

• Microsoft Certified Systems Engineer: Security

• (ISC)2 SCCP

• (ISC)2 CISSP

• (ISC)2 ISSAP

Knowledge & Experience

• Experience managing firewalls, office networks, and VPN connections

• Experience in enterprise security architecture design

• Experience in enterprise security document creation

• Experience in designing and delivering employee security awareness training

• Experience in automating server and middleware setup is highly desirable

• Experience with cloud-based infrastructure such as AWS is highly desirable, especially the automated setup of that infrastructure

• Experience with configuring and managing popular open source middleware and database applications is a plus (such as docker, nginx, postgresql, ruby on rails, sidekiq, redis, etc.)

• Experience with Ansible or Terraform is also a plus

ABOUT US

We are Altvia, a premier Salesforce.com partner that operates at the intersection of finance and technology. We deliver software solutions for Private Equity Fund Managers and Investors.  At Altvia, we believe that exceptional employees are not only the key to our success, but also to our customers’ success.

Our products are all cloud-based, with a mixture of technologies that include Ruby on Rails, Ruby/Sinatra, JavaScript (React framework), and Salesforce technologies, with many of the applications hosted on Amazon AWS.

What We Have

• We are a big family here at Altvia and we want new team members to know about our company culture which includes company traditions like Crock Pot Wednesday, annual ski trips, ping pong tournaments, etc. that help us to foster our unique environment

• Our company values define and guide our culture

• We value flexibility and a healthy work/life balance

• We provide an opportunity to work for an entrepreneurial minded company in an exciting phase of growth

• We offer a competitive compensation package including 100% paid coverage for the employee for Health, Dental, Life and Disability benefits (and generous coverage for dependents)

• Generous Paid Time Off Policy with PTO and lots of company paid Holidays

• 401(k) with  matching and participation in equity plan after a 6 month waiting period

This position is a full time position based in our Broomfield, CO office.  No relocation assistance is provided.

Altvia is an Equal Opportunity Employer.