We’re looking for talented professionals, anywhere in the United States, to join us in bringing smart money management and payment solutions to everyone’s fingertips.
At Green Dot, we are evolving to a new and permanent “Work from Anywhere” model designed to maximize the benefits of remote work, promote and enable a strong culture of performance and connectedness, and attract the best and brightest talent who align with our entrepreneurial spirit and mission.
<<>><<>><<>><<>><<>><<>><<>><<>><<>><<>>
JOB DESCRIPTION
The Lead Cloud Security Engineer will partner with Software Engineers, Security Engineers, Compliance, and Legal to build secured cloud environments and threat detection and response engineering for Green Dot Cloud's services. You will be an integral part of the Green Dot Cloud engineering processes, responsible for the discovery, assessment, triage, and remediation of security events and threats impacting Green Dot’s Cloud. You will identify gaps in current detections and system coverage, create custom detection-as-code to automate and detect advanced and novel threats, perform investigations for sophisticated and previously unknown threats, automate real-time responsive actions, and build and operate systems to automate detection and remediation for protecting Green Dot's cloud services.
A successful candidate will have experience building and operating as a cloud security engineer in a traditional IT infrastructure and DevOps environment. This will include building detections-as-code in Git, establishing and tuning cloud detection engineering and response efforts, building cloud-native playbooks and automated run-books for security detection and response, and drawing upon automation and cross-functional partnerships to create scalable and resilient operational capabilities.
What you'll do:
Build and operate Green Dot Cloud's security systems for automated detections and responses as code using DevOps tools and practices in Azure and AWS
Proactively identify risks and malicious activity in our cloud infrastructure and systems
Analyze systems, logs, events, and alerts for signs of malicious activity
Write custom detection rules and tools to monitor, analyze, and detect malicious activity
Build automation for response and remediation of malicious and anomalous activity
Drive implementation of countermeasures, mitigations, and containment
Collaborate with engineering, IT, and other security teams to develop scalable and flexible solutions for defending Green Dot’s Cloud from low-level actors to nation-state actors
Build, cultivate, and maintain positive relationships with internal customers to identify and facilitate solutions to increase the impact of the team's work
Provide feedback into Green Dot products, modules, and services to improve cybersecurity capabilities as an internal customer with real-world experiences.
Be on periodic on-call for triage of critical alerts from detections
We're looking for someone with:
Education
Experience
4+ years of experience in building automated security event prevention, detection, and response, with at least 2 of those years for cloud systems (e.g. AWS, Azure).
2+ years of experience building security tools in Python or GoLang using DevOps application development practices (e.g. Git, JIRA, Kanban) and deployment (e.g. Jenkins, GitHub Action Runners, CloudFormation, Terraform)
2+ years of experience in threat hunting tactics and techniques in Linux, containers, and serverless systems to proactively identify known and unknown cyber threats, adversary behaviors, and anomalies
Solid understanding of modern attacker tactics, techniques, and procedures (TTPs) (e.g. MITRE ATT&CK, building threat intelligence, etc.)
Experience with building and operating a SIEM in the cloud (e.g. Splunk, Sentinel, etc.) or cloud-based security analytics tools (e.g., Jupyter Notebook, etc.) for cloud security data search and analysis operations.
Experience designing and building defense-in-depth security monitoring to aid in detection, triage, analysis, and response
Working with industry security and risk standards (e.g. FedRAMP Moderate, PCI DSS, SOC2, ISO 27001, CIS Benchmarks) for sensitive data protections
POSITION TYPE
Regular
PAY RANGE
The targeted base salary for this position is $98,400 to $150,300 per year. The final compensation will be determined by a number of factors such as qualifications, expertise, and the candidate’s geographical location.
<<>><<>><<>><<>><<>><<>><<>><<>><<>><<>>
Green Dot promotes diversity and provides equal opportunity for all applicants and employees. We are dedicated to building a company that represents a variety of backgrounds, perspectives, and skills. We believe that the more inclusive we are, the better our work (and work environment) will be for everyone. Additionally, Green Dot provides reasonable accommodations for candidates on request and respects applicants' privacy rights.