Senior SecOps Engineer
Engineering Remote (Poland) Remote (Portugal) Remote (Ukraine)
About team:
PandaDoc is looking for talented security engineers focused on security operations activities to join the Security team. SecOps engineers focused on enabling product teams in streamlining incident management and vulnerability management processes.
In this role, you will:
- Monitor and test information systems to identify vulnerabilities
- Execute or manage mitigation remediation of identified vulnerabilities
- Respond to security incidents and performs root cause analysis
- Assess and understand PandaDoc’s current security framework and future architecture, providing recommendations for risk reduction
- Design and evangelize automated security capabilities
- Serve as a security expert in application development and microservice design
- Analyze and monitor relevant security threats and prevention measures based on industry trends and standards with reference to business specifics
Our stack:
- Service-oriented architecture but be prepared to deal with legacy code as well and monolithic services based on Django framework
- Two main stacks: Java and Python
- Java services based on Spring Boot with custom extensions, Java 11, and Gradle as a build tool
- Python services are mostly written using AsyncIO frameworks and libraries, but we also have Django-based services with Celery workers under the hood
- Amazon Web Services
- Main cross-service communication transports are NATS, Kafka, and RabbitMQ
- Prometheus stack for monitoring and alerting
- Jaeger for distributed tracing
About you:
- 3+ years’ experience with security management tools, including IDS/IPS, WAF, SIEM, and vulnerability scanners
- 2+ years’ experience with cloud provider ecosystems (Amazon Web Services, Microsoft Azure, etc) with reference to security aspects and best practices
- Practical experience in web application security testing methodologies and remediation approaches (OWASP, SANS, NIST, etc)
- Understanding Access Control and Identity Access Management principles (SAML 2.0, OAuth, JWT, etc)
- Understanding DevSecOps methodology
- Solid interpersonal, written, and verbal communication skills
- Intermediate English level (B1+)
Company Overview:
PandaDoc empowers more than 40,000 growing organizations to thrive by taking the work out of document workflow. PandaDoc provides an all-in-one document workflow automation platform that helps fast scaling teams accelerate the ability to create, manage, and sign digital documents including proposals, quotes, contracts, and more. For more information, please visit https://www.pandadoc.com.
Company Culture:
We're known for our work-life balance, kind co-workers, & creative virtual team-bonding events. And although our Pandas are located across the globe, we stay connected with the help of technology and ensure that everyone on our team feels, well, like a team.
Pandas work best when they're happy. We retain our talent by upholding our values of integrity & transparency, and selling a product that changes the lives of our customers.
Check out our LinkedIn to learn more.
Benefits:
- An honest, open culture that emphasizes feedback and promotes professional and personal development
- An opportunity to work from anywhere — our team is distributed worldwide, from Lisbon to Manila, from Florida to California
- An annual personal budget for educational classes, conferences, etc. — anything to further your professional knowledge
- A competitive salary
- And much more!