Senior Infrastructure Security Engineer

Full Time
Melbourne VIC, Australia
2 weeks ago

Join us on our mission to make a better world of work. 

Culture Amp is the world’s leading employee experience platform, revolutionizing how 25 million employees across more than 6,500 companies create a better world of work. Culture Amp empowers companies of all sizes and industries to transform employee engagement, drive performance management, and develop high-performing teams. Powered by people science and the most comprehensive employee dataset in the world, the most innovative companies including Canva, On, Asana, Dolby, McDonalds and Nasdaq depend on Culture Amp every day.

Culture Amp is backed by leading venture capital funds and has offices in the US, UK, Germany and Australia. Culture Amp has been recognized as one of the world’s top private cloud companies by Forbes and most innovative companies by Fast Company.

For more information visit cultureamp.com.

What is the opportunity for you?

As a Senior Infrastructure Security Engineer, you will play a major role in our efforts to continuously secure the Culture Amp platform, meeting evolving threats through the implementation of infrastructure security controls.

Your extensive AWS and software development experience will engineer robust solutions to complex security challenges, while simultaneously working to reduce friction through automation and integration. You will also have the opportunity to lead complete work themes from ideation through to completion (under the guidance of your Lead Infrastructure Security Engineer).

This role is a unique and challenging opportunity to contribute to the security of the Culture Amp platform while working with talented engineers in a cloud-centric security environment with some of the latest technologies.

In this role you will be expected to provide informal technical leadership when required (with full support from the team’s Lead Infrastructure Security Engineer).

Your Role

In this role, you will:

  • Demonstrate, with occasional guidance as required, innovative security approaches in Cloud Native operating environments.
  • Respond to queries from team members across the organisation and champion security in key forums, security assessments and auditing
  • Assist and support audit activity where required, including maintenance of audit records.
  • Support security assessments for Culture Amp solutions.
  • When appropriate, select, implement, and maintain appropriate security controls.
  • Actively contribute your subject matter expertise in the development and improvement of policies, processes, standards.
  • Bring, and demonstrate consistently, a continual improvement mindset to the role.
  • Be strongly involved in the design and implementation of solutions from ideation to completion. At times this involvement may include:
    • Engaging others across team and division boundaries.
    • Contrasting alternative approaches and providing recommendations.
    • Assisting in the negotiation of timelines and scope of work.
  • Documentation on security tools and services
    • Positively contribute to the writing and upkeep of documentation on security tools, services and project work.
    • Identify, and co-ordinate the closure of, gaps in documentation.
    • Perform documentation reviews and provide actionable improvements.
  • Build tooling, services and solutions to accelerate other teams in delivering features and infrastructure securely

You Have

You have the following technical capabilities:

  • Extensive experience with the following tools (or equivalents):
    • Visual Studio Code
    • Git
    • Code linting tools
    • AWS CLI
    • Typescript (NodeJS) and/or Python
  • Demonstrable knowledge and experience in the software development philosophies below. The ability to educate others, or act as a subject matter expert (SME), in some of these philosophies is strongly preferred:
    • Branching strategies, such as Trunk Based Development.
    • Verification approaches; TDD, BDD, etc.
    • 12-Factor Applications.
    • Hexagonal Application Architectures (aka Ports and Adaptors).
    • Design Patterns.
    • Principles of Object Oriented Design (S.O.L.I.D).
  • Experience with most/all of the following security philosophies:
    • Authentication and Authorisation
    • Cloud Security Posture Management (CSPM)
    • Data Loss Prevention (DLP)
    • Endpoint Detection and Response (EDR)
    • Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
    • Network Firewall
    • Security information and event management (SIEM)
    • Vulnerability Management
    • Web Application Firewall
  • Broad knowledge and experience that encompasses the following areas of AWS, with demonstrable deep experience across at least one area:
    • Compute
    • Storage
    • Networking
    • IAM
    • Security, Controls and Governance
  • Infrastructure as Code
    • Strong and demonstrable experience with modelling and writing an infrastructure layer as code within AWS. As an example, this could be the computer layer for running a suite of containers.
    • Ability to identify and call out where tradeoffs may need to be made during writing of infrastructure-as-code.
    • The ability and willingness to mentor others on the benefits and implementation of infrastructure-as-code.

You Are

We are looking for humans, not machines, and so you will bring these personal attributes:

  • Strongly demonstrable skills in both written and verbal communication and collaboration.
  • Flexible and resilient, especially when dealing with unexpected changes and issues.
  • Prioritisation:
    • Comfortable making prioritisation decisions, sometimes with minimal information at hand for themselves or individual team members.
    • Able to identify prioritisation conflicts and take the lead to resolve at an individual level.
  • Work Style:
    • Ability to work collaboratively (and at times lead) as part of a team.
    • Ability to work independently on tasks without supervision.
  • As the Cybersecurity and Cloud industries change so fast, you can demonstrate a continual learning mentality.
  • Problem Solving and Analytical Mindset
    • Regularly identify and solve larger problems or opportunities independently.
    • Occasionally identify and solve cross-team problems or opportunities with assistance.
  • The ability to respond to security events outside of usual work hours on rostered basis.
  • Certifications, Education and Experience:
    • Formal education or equivalent applicable experience required.
    • Industry recognised infrastructure or security qualifications highly advantageous.
 

 

We believe that our employees are the heartbeat of our success. We're committed to fostering a work environment that truly cares for and develops its people, and creates lasting positive impact. In addition to providing a competitive compensation package, some of the key benefits we offer are: 

  • Employee Share Options Program: We empower you to be an owner in Culture Amp and share in our success
  • Programs, coaching, and budgets to help you thrive personally and professionally
  • Access to external providers for mental wellbeing and coaching support to sustain the wellbeing, safety and development of our people
  • Monthly Camper Life Allowance: An automatic allowance paid out each month with your pay - you can spend it however you like to help improve your experience and life outside work
  • Team budgets dedicated to team building activities and connection
  • Intentional quarterly wellbeing pauses: A quarterly company-wide shutdown day in each region to to collectively pause, reset and focus on restoration and rest, without having to tap into individual vacation time
  • Extended year-end breaks: An extended refresh period at the end of year
  • Excellent parental leave and in work support program available from day 1 of joining Culture Amp
  • 5 Social Impact Days a year to make a positive impact on the community outside of work
  • MacBooks for you to do your best & a work from home office budget to spend on setting up your home office
  • Medical insurance coverage for you and your family (Available for US & UK only) 

Additionally, we don't just focus on our internal community; we believe in creating a better world of work for all. We're committed to diversity, equity, and inclusion, with Employee Resource Groups and ally communities in place. 

We have a strong commitment to Anti-Racism, and endeavor to lead by example. Every step we make as a business towards anti-racism is another step we can take to support our customers in making a better world (of work). You can see our current commitments to Anti-Racism here.

Please keep reading...

Research shows that candidates from underrepresented backgrounds often don't apply for roles if they don't meet all the criteria – unlike majority candidates meeting significantly fewer requirements.

We strongly encourage you to apply if you’re interested: we'd love to know how you can amplify our team with your unique experience!

Thank you for taking the time to read this advert. If you decide to apply, as part of your application, we will ask you to complete voluntary diversity questions (excluding Germany). Please watch this video from our amazing DEI Leader, Aubrey Blanche to share more on why we collect the data and how we will use it. 

 

 

If you require reasonable accommodations or adjustments due to a disability to complete the online application or to participate in the interview process, please contact accommodations@cultureamp.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.