Security Operations Engineer

Belgrade

Job description

Hailed as "the future of computing in the post-PC era," Frame is a revolutionary secure visual cloud platform for your Windows apps. Our customers range from startups and schools to major companies, like Adobe: we let them run all their Windows apps directly from the cloud with no code changes required.

The Frame Security team is responsible to architect, implement, and maintain company wide security operations capabilities. These implementations focus on delivering secure operations in order to transform security from a checkbox product and practices into an operation that combines products, people and processes. Systems that we build must be robust, highly available, high performing, secure, and run on large scale. We are looking for a new member to help deliver best in-class secure operations. The candidate will be responsible for implementing cloud-based security solutions in order to monitor, detect, analyze, respond and recover from advanced cyber threats facing Frame’s PaaS offering and its customers. As cyber attacks occur, this position will lead incident response processes and execute necessary after-action analysis, forensics and response procedures. The candidate will proactively simulate cyber events in order to test and enhance our defensive capabilities. The candidate will work closely with both the Technical Operations, Engineering teams and other security personnel to fill a vital role in securely protecting vital customer data.

Key Responsibilities:

• Deploys and maintains security configurations and tools within the scope of the SecOPS team
• Work with engineering teams to define and support implementation of security requirements
• Evaluate, recommend, and implement new technologies and processes that enhance security capabilities
• Work with engineers, developers, and product managers to identify security risks within the platform and any supporting infrastructure
• Conduct source code reviews of Frame capabilities
• Lead and support internal pentesting exercises and external security audits
• Test and evaluate Frame components for vulnerabilities and provide remediation recommendations to engineering teams
• Actively monitor for security breaches and malicious activities
• Provide input to corporate security policies to enable security excellence in Frame operations
• Train peers in security awareness and procedures
• Coordinate security incidents and remediation activities across engineering teams
• Enhance corporate security monitoring architectures based upon evolving security threats
• Support all employee on-boarding activities including configuring, equipment, installing software, setting up email, VPN accounts and other services, setting up accounts and access rights based on role, providing employees office access environments
• Support operations of Frame corporate infrastructure, account management/review to ensure secure operations within Frame
• Recovery of company assets, account management organizational manager support for departing employees
• Maintenance and support of office file servers, server room, office networks and shared equipment

Due to time zone difference, some availability after business hours expected. The position assumes trips to San Mateo, California and Washington, D.C. a few times a year. Solving hard problems requires highly talented people, and we compensate accordingly.

What we expect:

• Fluent in English, verbal and written
• Experience with managing and administering Google and Microsoft Office 365 Suite
• Experience with complex networking technologies including firewalls, VPN, routing, switching, load balancers, monitoring, PKI and DNS
• Expert level skills in Unix/Linux system administration
• Expert level ability to script/code in multiple languages including python, terraform, ansible, etc...
• Hands-on experience with implementing and customizing logging or Security Information and Event Management (SIEM) solutions
• Expert level experience with log analysis and correlation
• Experience with AWS and other cloud infrastructures and concepts
• Knowledge of cyber forensics tools and techniques
• Ability to proactively coordinate with vendors to procure IT equipment

Good to know:

• Experienced working with managing the JIRA/Confluence and other Atlassian products
• Familiar with Okta SSO solution
• Experience with ethical hacking and threat modeling

Deadline for applications: until fulfilled