Senior Security Engineer

Job not on LinkedIn

2 days ago

Apply Now

Receive Emails with Similar Jobs

NetBox Labs

WebsiteLinkedInAll Job Openings

B2B • SaaS • Enterprise

NetBox Labs is the commercial steward of open source NetBox, a leading platform for operating, automating, and securing networks and infrastructure. It offers products like NetBox Cloud and NetBox Enterprise, designed to serve as a network source of truth, facilitating network automation, configuration management, and data integration for organizations. With a focus on user community and open-source development, NetBox Labs aims to simplify network management and drive efficiency in network operations.

11 - 50 employees

Founded 2023

🤝 B2B

☁️ SaaS

🏢 Enterprise

📋 Description

• Enable and guide teams to adopt DevSecOps practices, ensuring security is built into CI/CD and infrastructure pipelines through shared standards, tooling, and best practices. • Work with IT Manager on company identity and access management: IdP configuration, user/group organization, and automation via cross-platform synchronization and SAML. • Administer and automate GitHub Enterprise and JFrog management (users, teams, org policies, and compliance) using IaC. • Operate and tune SIEM, DLP, and centralized logging systems; define and maintain detection and alerting rules. • Review audit logs and security telemetry across cloud, SaaS, and developer systems for anomalies and compliance issues. • Work with IT Manager to build automated onboarding/offboarding and access reviews aligned with least-privilege principles. • Collaborate with platform, product, and engineering teams to design secure-by-default workflows, infrastructure, and deployment practices, ensuring consistent security controls across products. • Conduct risk assessments, tabletop exercises, and threat simulations in concert with engineering and operations teams, ensuring security readiness is collaborative and integrated. • Lead and coordinate penetration testing efforts, including scoping, vendor engagement, and remediation tracking. • Support SOC 2 and related compliance efforts through control validation and evidence collection. • Help respond to and complete customer and vendor security questionnaires, collaborating with compliance and engineering teams to ensure accurate and timely answers

🎯 Requirements

• 5+ years in security, IT, DevSecOps, or platform engineering roles. • Deep understanding of identity management, SSO, and federation (Google Workspace, Okta, Auth0, OIDC/SAML). • Experience managing and automating users, groups, org policies, and compliance controls on systems like AWS, GCP, GitHub Enterprise, and JFrog. • Experience implementing and improving software supply chain security, including integrating security into CI/CD pipelines (e.g., GitHub Actions). • Experience managing SIEM/DLP platforms (e.g., Datadog, Splunk) and writing detection rules. • Strong automation skills (Python, Go) and proficiency with infrastructure-as-code (Terraform). • Familiarity with SOC 2 and security frameworks (NIST, CIS, OWASP). • Excellent communication and documentation skills.

🏖️ Benefits

• Offers Equity • Offers Bonus