IT Operations Security Engineer

Posted Aug 3

Description of Duties

Within the IT Ops Security Engineering role, you will be responsible for connecting the day-to-day and long term initiatives between the IT Operations and Security groups here at Grafana Labs, in support of building an enabling, collaborative security culture.

You will be tasked with informing, planning and implementing the foundation of various business critical IT security strategies. Projects running the gamut of automation to access control to MDM policy to hardware token roll-outs to endpoint security are some of the challenging project backlog items you can expect to dive into beginning on your first day.

You will collaborate closely with Grafana's Security group to identify, design and implement policy changes, push improvements, report vulnerabilities, propose resolutions, audit internal applications, and much more.

We are a modern, startup/scaleout and cloud-native organization, so you should be able to bring ideas and approaches that align to this.

In essence, you will be the vigilant eyes over Grafana's corporate IT platforms and infrastructure and the curator of IT experiences that combine sufficient security with a great user experience - continually intent to improve our security stature while working through our planned on-going efforts.

For an idea of the kind of security culture and approach we're trying to build, check out this blogpost.

Key Responsibilities

  • Roll-out and coordinate any IT Ops security related projects which include, but not limited to, endpoint security programs, hardware tokens, etc.
  • Be the bridge between IT Operations and Security to ensure alignment, coordination and implementation of cross-functional projects, communication, working groups and more.
  • Stay up to date with industry best practices, technologies, trends, zero day notices, alerts, etc. and provide feedback to key stakeholders, determine if there is any impact internally and if required, develop plans to best prevent and remediate any potential issues or threats.
  • Work closely with Security to develop policies for endpoint and corporate application/tool protection.
  • Act as primary POC and triage partner to represent IT Ops in the event of any declared security incident.
  • Monitor and action various security related portals and automated alerting across IT Ops.
  • Build installation packages for various security software required to be installed on endpoints.
  • Be the escalation point to troubleshoot user issues with package installations.
  • Build visual data flows to document how systems interact with each other and what data is shared.
  • Develop and enforce access groups across multiple applications and platforms.
  • Audit user access across systems and tools, ideally automating this process.
  • Act as POC for IT Ops during security audits (SOC 2, ISO27001, etc)
  • Review internal processes and provide feedback to harden the process overall.
  • Create and update all documentation for systems, processes and tools related to IT Operations Security.
  • Partner with Procurement and Infosec to provide insight into IT Security requirements from current and future vendors.
  • Use Grafana itself to implement dashboards for IT Security Operations specific metrics.
  • Create and maintain IT Security Operations documentation, FAQs, and solutions.
  • Engages in research and in-depth troubleshooting to resolve technical and security related IT issues.

Requirements

  • Familiarity with tools like osquery, ossec, sysdig and similar tools
  • 3+ years experience working with endpoint security (EDR and Antivirus) such as Crowdstrike, Sophos or similar technologies.
  • 5+ years experience with Windows 10, MacOS and Linux Operating Systems.
  • 3+ years experience with SSO and SAML technologies utilizing Okta, Google, or other IDP vendors.
  • 3+ years experience with Mobile Device Management (MDM) tools such as JAMF, Workspace One or similar technologies
  • Understanding of Identity and Access Management across the different Cloud providers (GCP, AWS and Azure)
  • Strong understanding of disk encryption across MacOS, Windows and Linux.
  • Strong understanding of multiple directory services (LDAP, Azure AD, etc)
  • 3+ years experience with scripting and automation.
  • Experience with security standards and frameworks such as SOC 2 and ISO27001 (including audits)

What you'll bring to the role

  • Strong verbal and written communications skills with the ability to effectively communicate with all levels of employees and provide support globally
  • A strong IT Security mindset
  • Experience working in a "remote first" environment
  • Empathetic and collaborative
  • Strong work ethic
  • Experience working well in both a team environment and independently
  • Inquisitive demeanor with willingness to learn new technologies and responsibilities

About Grafana Labs: There are more than 950,000 active installations of Grafana around the globe, monitoring everything from beehives to climate change in the Alps. The instantly recognizable dashboards have been spotted everywhere from a NASA launch and Minecraft HQ to Wimbledon and the Tour de France. Grafana Labs also helps companies including Bloomberg, JPMorgan Chase, and eBay manage their observability strategies with full-stack offerings that can be run fully managed with Grafana Cloud, or self-managed with Grafana Enterprise Stack. The Grafana stack has grown to include four other open source projects, Grafana Loki (for logs), Grafana Tempo (for traces), Grafana Mimir (for metrics), and Grafana OnCall (for on-call management).

Benefits: For more information about the perks and benefits of working at Grafana, please check out our careers page.

A note about covid-19: All Grafanistas who wish to attend in-person events or travel for Grafana Labs must be fully-vaccinated.

Equal Opportunity Employer: At Grafana Labs we're building a company where a diverse mix of talented people want to come, stay, and do their best work. We know that our company runs on the hard work and the dedication of our passionate and creative employees.

We will recruit, train, compensate and promote regardless of race, religion, colour, national origin, gender, disability, age, veteran status, and all the other fascinating characteristics that make us different and unique. We believe that equality and diversity builds a strong organisation and we're working hard to make sure that's the foundation of our organisation as we grow.

For information about how your personal data is used once you've applied to a job, check out our privacy policy.