Security Engineer (Contract) at ButterflyMX®

Founded in 2014, ButterflyMX is on a mission to empower people to open and manage doors & gates from a smartphone. Our products are installed in more than 10,000+ multifamily, commercial, gated communities, and student-housing properties worldwide, including properties developed, owned, and managed by the most trusted names in real estate.

Our features are designed for developers, owners, property managers, and tenants. And our products lower operating costs and improve tenant satisfaction. Developers and owners no longer need to run building wiring or install in-unit hardware. Property managers can grant building access, revoke permissions, and review entry logs from an online dashboard. Residents can open doors from their smartphones, issue visitor access, and see who is trying to enter the building.

Fantastic people are the key to our success. As a distributed, primarily remote workforce, we’re looking for more intelligent, passionate, collaborative, and down-to-earth individuals to join our growing team. Our culture is transparent and flexible; our benefits range from a 401(k) match to quarterly stipends for self-care. While we work incredibly hard to improve the experience of everyone who lives, works, and visits our communities, we always have time for a good laugh. 

We are looking for a seasoned Security Engineer with expertise in Elastic Defend and Elastic SIEM deployments and management. The ideal candidate will have a strong background in incident management response, threat and vulnerability management, application security, and AWS security.

***This is a temporary/contract position for 4 months***

Responsibilities:

• Elastic Defend and Elastic SIEM Management: Deploy, configure, and manage Elastic Defend and Elastic SIEM solutions to monitor and protect our infrastructure.
• Incident Management Response: Lead and coordinate incident response efforts, including detection, analysis, containment, eradication, and recovery. Develop playbooks and runbooks.
• Threat and Vulnerability Management: Manage vulnerability remediation efforts, ensuring adherence to SLAs
• AWS Security: Implement and manage security best practices in our AWS environment, including IAM, WAF, security groups, VPC configurations, Security Stack configuration, and monitoring.
• Application Security: Perform security assessments of applications, identify security flaws, and recommend corrective actions. Train Developers and other engineering team members on application security.
• Collaboration: Work closely with cross-functional teams to ensure security 
• measures are integrated into all aspects of the development and deployment processes.
• Documentation: Maintain detailed documentation of security incidents, configurations, and procedures.

Requirements

• Minimum of 5 years of experience in a security engineering role.
• Elastic Expertise: Proven experience with Elastic Defend and Elastic SIEM deployments and management.
• Proficiency with deploying, operationalizing & managing security solutions in a remote first organization, with a cloud tech stack built for providing SaaS. 
• AWS Security SME - experiential knowledge of securing EC2, S3, Lambda, EKS
• AWS Security Stack Experience - WAF, Inspector, Security Hub, GuardDuty, etc..
• Security Overlay Solutions: EDR, SIEM, CNAPP/CSPM, DSPM, DLP, IDS/IPS..
• Google Workspace, Apple, Windows, MDM, Secure Email Gateway
• Incident Response: Strong expertise in incident management and response.
• Threat Management: In-depth knowledge of threat and vulnerability management practices.
• Application Security: Experience in conducting application security assessments and implementing security controls. 
• Demonstrated ability to educate an engineering audience about technical application security vulnerabilities, i.e., OWASP Top Ten, OWASP API Security Top 1
• Relevant certifications such as Terraform Certified, AWS Certified Security – Specialty, or similar are a plus.
• Excellent problem-solving skills, attention to detail, and the ability to work independently and as part of a team.
• Strong verbal and written communication skills.