Infrastructure & Security Operations Engineer

Department: Technical

Location: USA, Remote

Description

About us

We are Digital Science and we are advancing the research ecosystem.

We are a pioneering technology company, and our vision is of a future where a trusted and collaborative research ecosystem drives progress for all. We believe in better, open, collaborative and inclusive research. In creating the next generation of tools and working in partnership with the community we tackle some of the biggest challenges to research. In order to achieve our vision, we need innovative, inspiring and dynamic people to join our team. Want to join us?

Your new role

As an Infrastructure & Security Operations Engineer, you will be part of our wider Information Security team. Implementing and operating a secure cloud environment and the security controls protecting it.

This role partners with several areas of Digital Science and adds value through delivering and operating a robust secure hosting environment operating within a compliance framework which meets our ever evolving customer compliance requirements. You will be a founding member of a new sub-team, primarily responsible for the delivery and maintenance of compliance specific to large, US (Federal) customers with enhanced security and privacy requirements.

This role (due to Federal requirements) can only be satisfied by a "US citizen, US national, or US person" and additional checks may be required.

What You’ll Be Doing

• Work as part of a newly-formed, dedicated team responsible for US Federal customers
• Implement and manage database and application infrastructure within AWS (GovCloud)
• Work with the stakeholders from across the group, our customer-base and third-party vendors/partners, to embed and enhance security for products, services and business units under your purview.
• Implement and manage controls across several frameworks including FedRAMP and NIST primarily.
• Identifying and mitigating risks, utilising governance, risk and compliance tooling to map to DS policies and procedures while operating the environment(s) under the role
• Implementing policies and procedures in order to align with DS policies while satisfying the needs of additional frameworks including FedRAMP and NIST
• Monitoring compliance as required to maintain the FedRAMP authority to operate at the appropriate level
• Participating in audits and assessments in advance of the external audits required
  
  

What You’ll Bring To The Role

• You have relevant work experience with AWS services (e.g. EC2, S3, VPC, Route53, RDS, EKS) alongside network and information security.
• You have relevant work experience with application containers and container orchestration technologies (e.g. kubernetes, docker)
• You have used infrastructure as code tools (e.g. terraform)
• You have database infrastructure experience with PostgreSQL, Apache Solr and MongoDB.
• You have experience setting up and maintaining continuous integration and continuous deployment pipelines at scale and in Production.
• You have operated within a highly regulated/secure compliance environment such as FedRAMP (to at least 'moderate' level) or DoD IL4 with an understanding/experience of NIST-800 (53 and 218 at a minimum).
• You have a good understanding of ISO/IEC 27001 and 27701
• You're highly organised and have the ability to work on intricate details without losing the big picture
• You'll be a good communicator and comfortable communicating with people at all organisational levels and contributing to conversations around recommendations for improvements
• You have a collaborative approach to how you work and ensure all groups are communicated with and understand your process and approach
• You're a self learner and have an inquisitive mind
• You're resourceful and solutions focussed, making practical considerations for all groups involved
• You're a natural problem solver and have strong analytical skills
• Bachelor degree in Computer Science or a related field, and/or equivalent Information Security related certifications (such as CISSP).
  
  

Living our Values

We invest in, nurture and support innovative businesses and technologies that make all parts of the research process more open, efficient and effective.

The talent we secure is fundamental to us achieving our vision and our growth plans. The values we live by are:

We are brave in the pursuit of better

We are collaborative and inclusive

We are always open-minded

We are from and for the community

We're an equal opportunity employer. All applicants will be considered for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status

Additional Information

Please note that, in light of vaccination mandates for US Government contractors, Digital Science requires that all US-based employees are fully vaccinated against COVID-19, subject to approved accommodations.