Sr. Security Engineer
Who we are…
HallmarkLabs, LLC. (a subsidiary of Hallmark), based in Santa Monica, CA, is currently the parent company of two digital subscription services: Feeln.com and HallmarkeCards.com, as well as Ink & Main (an eCommerce platform for personalized greeting cards). We focus on leveraging Hallmark’s experience with creating meaningful connections with great sentiments, but pushing it into the digital age at a rapid pace and with the cutting-edge technology.
Of course, we have the normal perks for a company in Santa Monica: drinks, snacks, writable walls, collaboration spaces, casual dress, weekly catered lunches, ample/free parking - but we know that is not what you really care about. We are a small and growing company with a talented and driven group of technology professionals focused on building great things together, all while having fun!
Sr. product security engineer for cloud systems and IaaS with strong focus on automation in building, monitoring, maintaining, and alerting for security best practices. Includes Linux systems in AWS, working with Dev/QA to ensure they are adhering to secure code development and threat modeling practices. This job is all about information security, automation, IaaS, and uptime. The responsibilities will include vulnerability/audit discovery and remediation, network access control, and working across teams to ensure the products are secure and scalable to support the growing customer base. We love innovation, and support efforts that provide automated systems for the purpose of 99.99% uptime.
- Support ongoing security certifications for product compliance, audit, and vulnerability management response.
- Drive technical innovation and efficiency in information security operations via automation.
- Dive deep to resolve problems at their root, looking for failure patterns amenable to long-term solutions via simplification and automation.
- Act as a technical point of escalation & mentor for junior staff.
- Support the deployment, configuration, and administration of enterprise network security appliances and software.
- Insure that all device management adheres to Hallmark Labs’ compliance standards policy and provide the mandatory documentation to meet the compliance requirements for each device.
- Ability to analyze, configure and maintain security components within a complex Local Area Network (LAN) and Wide Area Network (WAN).
- Works with System Administrators to ensure all servers have required security compliance for patch management, anti-virus, and other threat protection.
- Works with Network Engineers to assist in the installation, configuration, testing and management of network devices and insure overall system and network security.
- Works with Application Administrators and developers to ensure that all applications are secure.
- Must be able to support off-hours on-call.
- Utilize problem solving & troubleshooting skills including ability to perform root cause analysis for preventative analysis.
- CISSP required
- 5+ years enterprise information security experience
- 3+ years of public cloud experience
- 3+ years experience with Network Intrusion Detection Systems (NIDS) and Host-Based Intrusion Detection Systems (HIDS) products.
- 3+ years experience with one or more network vulnerability scanners such as Rapid7, Trustwave, Nmap, and other vulnerability scanners.
- 3+ years experience with monitoring/alerting systems including log aggregation (SIEM) systems.
- Held a previous role with primary responsibilities including implementing and supporting highly available, redundant security solutions.
- BS in Computer Science or related fields, or equivalent experience
- OSCP, CEH and/or MCITP
- Experience with IaaS design and micro-service systems architecture.
- Experience implementing, supporting or auditing ISO/IEC 27001:2005 compliance
- Experience implementing, supporting or auditing FISMA/FedRAMP compliance
- Experience in implementing disaster recovery.
- Able to demonstrate an ability to independently solve simple to moderately complex problems.
- Able to work under minimal supervision on complex issues to deliver results on schedule.
- Proficiency in TCP/IP networking, architecture and core technologies (DNS, HTTP, Routing, LAN/WAN, etc.).
- Comprehensive verbal and written communication skills including mentoring junior staff.
- Strong organizational skills and the ability to manage a diversified workload.
- Experience working on small, cross-functional, fast paced teams.
In compliance with the Immigration Reform and Control Act of 1986, Hallmark Labs will hire only individuals lawfully authorized to work in the United States. Employment by SpiritClips is contingent upon the signing of the Employment Agreement, completing Form I-9 Employment Eligibility Verification and satisfactory reference and background checks.
SpiritClips is an equal employment opportunity employer. Qualified applicants will be considered for employment without regard to race, color, religion, sex, age, pregnancy, national origin, physical or mental disability, genetics, sexual orientation, gender identity, veteran status, or any other legally-protected status. To view your rights as an applicant please review the following EEO posters: “EEO is the Law” poster and the "EEO is the Law Supplement"
To be considered an applicant for this position you must show how you meet the basic qualifications of the job in a resume or document you upload, or by completing the work experience and education application fields. Accepted file types are Microsoft Word (DOC or DOCX), PDF, HTML, or TXT. Individual file size attachment limit is 10 MB.