Security Operations Specialist
Gloo, headquartered in beautiful Boulder, Colorado, builds software for people and organizations dedicated to improving lives. We’re leveraging the same exponential tech that’s driving success in other industries and making it available through tools such as big data, custom assessments, an engagement app, and eventually an entire market network focused on growth. As one of Boulder’s most successful and innovative tech companies, Gloo needs more talented professionals who are driven to make a positive impact on humanity. Are you one of them?
You’ll join us as the newest member of the Security, Privacy and Compliance team working cross-functionally to administer and enhance our security program. You’ll help us build ‘trust-by-design’ into our organization and all of the products and services we build and support for champions and the communities they serve. You are relatively early in your security career, hungry for growth, and but are excited to put your education and experience to work where it really matters.
What you'll be doing:
- Serving as a full-time member of the Security, Privacy and Compliance team, collaborating with colleagues from the Support, Trust, and Engineering and Product teams to define, deploy and scale our cybersecurity and privacy capabilities
- Serving as a member of the cybersecurity incident response team, maintaining procedures, orchestrating tests of the plan and acting as situation coordinator during actual events
- Partnering with product management and software engineering team members to establish DevSecOps processes and capabilities in an AWS environment.
- Establishing and running Gloo’s vulnerability management program
- Managing and continuously improving Gloo’s ability to monitor, detect and respond to security events
- Managing the company’s vendor risk management program
- Administering Gloo’s Security Awareness & Training program
What you’ll bring to the position:
- BS in information security, computer science, software engineering or related discipline
- At least 2 years of professional experience as a cybersecurity analyst or consultant
- Cybersecurity and/or privacy domain expertise demonstrated by coursework or certifications like AWS Certified Security - Specialty, CCSP, CISSP, Security+, CISM, or CIPP/CIPM
- An understanding of the AWS shared security responsibility model
- Strong communication skills with the ability to share your knowledge and encourage others to embrace our security/privacy programs
- An understanding of the NIST Cybersecurity Framework and 800-53 controls catalog along with common security and privacy regulations (e.g., GDPR, HIPAA, CCPA, or FedRAMP) E
- Training, certifications and hands-on experience with AWS Security Services such as Guard Duty, IAM, Inspector, KMS, Macie, Secrets Manager and Security Hub are a strong plus.
Our Team members enjoy:
- Compensation and bonus commensurate with experience
- Plenty of time off to keep you balanced
- Medical with HSA contribution
- A dynamic, talented team, dedicated to changing the world and building an incredible business
- Beautiful office space in downtown Boulder on Pearl Street, steps from coffee shops and blocks from hiking trails
- Company Happy Hour Fridays
- Fresh fruit, snacks, coffee and sodas
Applications welcome for those who are US Citizens or hold a Green Card.