Lead Infrastructure Security Engineer

Vollzeit
Melbourne VIC, Australia
vor 4 Monate

Join us on our mission to make a better world of work. 

Culture Amp is the world’s leading employee experience platform, revolutionizing how 25 million employees across more than 6,500 companies create a better world of work. Culture Amp empowers companies of all sizes and industries to transform employee engagement, drive performance management, and develop high-performing teams. Powered by people science and the most comprehensive employee dataset in the world, the most innovative companies including Canva, On, Asana, Dolby, McDonalds and Nasdaq depend on Culture Amp every day.

Culture Amp is backed by leading capital venture funds and has offices in the US, UK, Germany and Australia. Culture Amp has been recognized as one of the world’s top private cloud companies by Forbes and most innovative companies by Fast Company.

For more information visit cultureamp.com.

How you can help make a better world of work

As a Lead Infrastructure Security Engineer, you will play a key role in our efforts to continuously secure the Culture Amp platform, meeting evolving threats through the implementation of infrastructure and application security controls.

Using your extensive AWS experience, you will engineer robust solutions to complex security challenges, while simultaneously working to reduce friction through automation and integration.

You also won’t be doing this alone. As the Infrastructure Security Engineering lead, you will combine your technical excellence and people leadership skills to lead and inspire your small team of talented security engineers.

This role is a unique and challenging opportunity to contribute to the security of the Culture Amp platform while working with talented engineers in a cloud-centric security environment with some of the latest technologies.  

You will 

  • Demonstrate innovative security approaches to Cloud Native operating environments.
  • Lead the implementation, and contribute to the design and operation of, security solutions across the Culture Amp environment. This includes engaging with all areas of the business and negotiating approaches, scopes, tasks and timelines as applicable, and leveraging resources from multiple teams to achieve outcomes. 
  • Conduct security assessments and reviews
    • Undertake the evaluation of applications, infrastructure, and code to identify vulnerabilities or non-compliance with security and engineering standards,
    • Support security assessments for Culture Amp solutions, and
    • Assist and support audit activity where required, including maintenance of audit records.
  • Respond to security queries from team members across the organisation and champion security in key forums.
  • Contribute your subject matter expertise to the development and improvement of policies, processes, standards. 
  • Bring, and demonstrate consistently, a continual improvement mindset to the role.
  • Develop documentation on security tools and services
    • Actively and strongly contribute to the writing and upkeep of documentation on security tools, services and project work. 
    • Identify and resolve gaps in documentation.
    • Strongly perform documentation reviews and provide actionable improvements.
  • Build tooling, services and solutions to accelerate other teams in delivering features and infrastructure securely.

You have 

You have the following technical capabilities:

  • Strong experience with most/all of the following security technologies:
    • Identity and Access Management Providers 
    • Cloud Security Posture Management (CSPM)
    • Data Loss Prevention (DLP)
    • Endpoint Detection and Response (EDR)
    • Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) 
    • Network Firewall
    • Security information and event management (SIEM)
    • Vulnerability Management tooling
    • Web Application Firewall (WAF)
  • Both broad and deep experience and knowledge of AWS across the following areas:
    • Compute
    • Storage
    • Networking
    • IAM
    • Security, Controls and Governance
  • Infrastructure as Code:
    • Strong and demonstrable experience with modelling and writing all the infrastructure layers as code within AWS.
    • Ability to identify, analyse and resolve situations where a compromise may need to be made during writing of infrastructure-as-code.
    • The ability and willingness to mentor others on the benefits, approach and implementation of infrastructure-as-code.
  • Demonstrable experience with the following tools (or equivalents):
    • Visual Studio Code
    • Git
    • Code linting tools
    • AWS CLI
    • Typescript (NodeJS), Golang, or Python

We are looking for humans, not machines, and so you will bring these personal attributes:

  • A demonstrable excellence in both written and verbal communication and collaboration. 
  • Flexible and resilient, especially when dealing with unexpected changes and issues.
  • Prioritisation:
    • Comfortable making large prioritisation decisions, sometimes with minimal information at hand. This can be at an individual level, or at the team level.
    • Able to identify prioritisation conflicts and take the lead to resolve at team level.
  • Work Style:
    • Strong ability to lead, and follow, team members where appropriate
    • Strong ability to work independently for long periods of time.
  • As the Cybersecurity and Cloud industries change so fast, you can demonstrate a continual learning mentality.
  • Regularly identify and solve large / cross-team problems or opportunities independently.
  • The ability to respond to security events outside of usual work hours on a rostered basis.
  • Certifications, Education and Experience
    • Formal education or equivalent applicable experience required.
    • Industry recognised infrastructure or security qualifications highly advantageous.

We believe that our employees are the heartbeat of our success. We're committed to fostering a work environment that truly cares for and develops its people, and creates lasting positive impact. In addition to providing a competitive compensation package, some of the key benefits we offer are: 

  • Employee Share Options Program: We empower you to be an owner in Culture Amp and share in our success
  • Programs, coaching, and budgets to help you thrive personally and professionally
  • Access to external providers for mental wellbeing and coaching support to sustain the wellbeing, safety and development of our people
  • Monthly Camper Life Allowance: An automatic allowance paid out each month with your pay - you can spend it however you like to help improve your experience and life outside work
  • Team budgets dedicated to team building activities and connection
  • Intentional quarterly wellbeing pauses: A quarterly company-wide shutdown day in each region to to collectively pause, reset and focus on restoration and rest, without having to tap into individual vacation time
  • Extended year-end breaks: An extended refresh period at the end of year
  • Excellent parental leave and in work support program available from day 1 of joining Culture Amp
  • 5 Social Impact Days a year to make a positive impact on the community outside of work
  • MacBooks for you to do your best & a work from home office budget to spend on setting up your home office
  • Medical insurance coverage for you and your family (Available for US & UK only) 

Additionally, we don't just focus on our internal community; we believe in creating a better world of work for all. We're committed to diversity, equity, and inclusion, with Employee Resource Groups and ally communities in place. 

We have a strong commitment to Anti-Racism, and endeavor to lead by example. Every step we make as a business towards anti-racism is another step we can take to support our customers in making a better world (of work). You can see our current commitments to Anti-Racism here.

Please keep reading...

Research shows that candidates from underrepresented backgrounds often don't apply for roles if they don't meet all the criteria – unlike majority candidates meeting significantly fewer requirements.

We strongly encourage you to apply if you’re interested: we'd love to know how you can amplify our team with your unique experience!

Thank you for taking the time to read this advert. If you decide to apply, as part of your application, we will ask you to complete voluntary diversity questions (excluding Germany). Please watch this video from our amazing DEI Leader, Aubrey Blanche to share more on why we collect the data and how we will use it. 

 

 

If you require reasonable accommodations or adjustments to complete the online application or to participate in the interview process, please contact accommodations@cultureamp.com  and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.