Sr. Information Security Engineer

Posted Jan 25

Senior Information Security Engineer

Information Technology/MIS

Remote, United States

2022-3726

Description

At Shutterfly, we make life’s experiences unforgettable. We believe there is extraordinary power in the self-expression. That’s why our family of brands helps customers create products and capture moments that reflect who they uniquely are.

This is an exciting time for Shutterfly’s Information Security team! In this position you will be an integral part of the enterprise Information Security Program. Your focus will be on systems security and automation for our growing Information Security team. Primary day-to-day responsibilities will include engineering, maturing and supporting a robust Vulnerability Management Program. Additional engineering duties to support various security tools, integration, automation, and supporting the SOC team with tool development and incident escalations. As a Senior Security Operations Engineer, you will be involved in critical security projects and day-to-day duties of the information security team as we continue to grow.

What You’ll Do Here:

  • Engineering, maturing and supporting a vulnerability management program for all Shutterfly brands to include the identification of new vulnerabilities, automated stakeholder notifications, and remediation tracking.
  • Design and build security tools and processes for integration and deployment across the enterprise
  • Serve as a technical escalation contact point for SOC personnel
  • Develop and support integration and automation within security, monitoring, reporting, and ticketing platforms
  • Help build and maintain SIEM content for detecting and responding to security events and incidents.
  • Design, implement and support cloud based security solutions for both public and private cloud infrastructures
  • Research and development of modern/next-gen security toolsets to augment existing controls
  • Build hardened configuration requirements for all technology and work with multiple teams to help implement suggested solutions.
  • Review and analyze existing processes and suggest improvements for increased security including assisting the Risk Management team with assessments
  • Conduct security research to keep abreast of latest security issues and help communicate and respond internally to mitigate any identified vulnerabilities
  • Investigate security incidents using SIEM and other Information Security tools including IDS, packet captures, reports, data visualization, and pattern analysis.

The Skills You’ll Bring:

  • Bachelors of Science in CIS/MIS/CS/CE, Engineering/Technology or related field or equivalent experience/training.
  • 6-8 years working within Information Technology and 4-6 years specifically in Information Security
  • 1-2 years Direct experience building and maintaining a mature Vulnerability Management Program.
  • Proficient in one or more scripting languages (Python, Powershell, etc).
  • Must have understanding of various systems technologies, architecture fundamentals, next-generation technology and very strong security understanding

It is helpful, but not required to have:

  • CISSP, GSEC, GPEN, GCIA, GCIH or similar security professional certification
  • Practical experience in deployment and management of applied IT security technologies and tools such as endpoint protection, detection, and response, PIM/PAM, e-mail encryption, data loss prevention (DLP) technologies, network access control, intrusion detection/prevention systems, etc.
  • Familiarity with OWASP top 10 vulnerabilities, mitigations and their impact on application architecture
  • Experience with penetration testing tools and methodologies and the ability to conduct light red-teaming exercises

Supporting a diverse and inclusive workforce is important to Shutterfly not only because it directly reflects our value of Embracing our Differences, but also because it’s the right thing to do for our business and for our people. Learn more about our commitment to Diversity, Equity and Inclusion at Shutterfly DE&I.

The compensation package for this role is based on multiple factors, such as job level, responsibilities, location, and candidate experience. The base pay ranges included below are specific to the locations listed, and may not be applicable to other locations.

  • California : [$101,800-144,850]
  • Connecticut, New York, and Rhode Island: [$101,800-133,450]
  • Colorado and Washington: [$101,800-122,550]
  • Nevada: [$96,600-115,750]

This position may be eligible for a bonus incentive, health benefits, a 401K program, and other employee perks. More details about our company benefits can be found at https://shutterflyinc.com/benefits/.