Exabeam is the Smarter SIEM™ company. We help security operations and insider threat teams work smarter, allowing them to detect, investigate and respond to cyberattacks in 51 percent less time. Security organizations no longer have to live with excessive logging fees, missed distributed attacks and unknown threats, or manual investigations and remediation. With the modular Exabeam Security Management Platform, analysts can collect unlimited log data, use behavioral analytics to detect attacks, and automate incident response, both on-premise or in the cloud. Exabeam Smart Timelines, sequences of user and device behavior created using machine learning, further reduce the time and specialization required to detect attacker tactics, techniques and procedures.
Exabeam is seeking a Cloud Systems Engineer to work closely with our Cyber Security, Program Management, Engineering and Cloud Operations teams -- in collaboration for our FedRAMP systems build-out. In this IT group based role... this role will select, design,deploy, maintain and troubleshoot various complex Cloud infrastructure tools. This position will provide the technical expertise to evaluate products, and build upon an infrastructure that supports a rapidly expanding environment, leveraging a strong understanding of building highly fault tolerant, scalable and secure systems within cloud environments (primarily AWS and GCP).
Technical familiarity should include:
1. Vulnerability Scanning solutions
2. Endpoint Security and Cloud Security solutions
3. WAF / DDoS / network traffic acceleration solutions
4. Cloud ready Identity Management and SSO solutions
5. VPN, Edge SD-WAN, IDS, NG Firewalls solutions
6. Cloud based issue tracking systems for software development
7. Familiar with FISMA, NIST 800 series, Federal RMF and ability to articulate such guidelines, policy and processes
This role will work closely with the GRC, Program Management & InfoSec teams to ensure the ongoing effectiveness of Cyber Security controls (automated, manual, and needing development), working with a variety of control owners within the Cyber Security organization, and executing on control design and standards in a variety of program areas.
• Ensuring the highest level of Cloud systems and infrastructure availability, performance and security.
• Managing and monitoring deployed Cloud IT systems and infrastructure.
• Installing, configuring, integrating, testing and maintaining operating systems, application software and system management tools.
• Maintain awareness of the security risk management roadmap, aligning regulatory requirements and Engineering’s product deliverables.
• Working knowledge of network security concepts and best practices, operating system hardening, network device hardening, and experience with network security assessments with respect to common vulnerabilities associated with ICS
• Authoring and maintaining security documentation such as System Security Plans, Risk Assessment, ST&E Plans, Incident Reports, POA&Ms, and overall Cloud systems footprint.
• Technical familiarity with policy and control frameworks supporting various standards including FedRAMP, PCI DSS, HIPAA, SOC 2 and privacy and data protection laws.
• Initiating contact with vendors, managing product assessments and scrutinizing vendor’s technical claims.Qualifications
• Given the nature of work on initiatives for our federal contracts, US Citizenship is required.
• B.S. degree or equivalent work experience in IT, Cloud Operations, Cyber Security, risk management.
• Experience with Agile methodologies and DevSecOps for designing, developing, and delivering using appropriate automation techniques and tools including Ansible, Terraform, Python, Puppet, and Chef, and scripting languages to automate tasks including Bash, Python.
• Should have direct hands-on participation and experience in building and maintaining complex Cloud based systems in GCP and / or AWS environments, including ICS processes, installation, components, configuration, and acquisitions.
• Experience with using and managing continuous integration (CI) and continuous delivery (CD) pipeline solutions; including Jenkins, Bamboo, Travis CI and GitLab CI.
• Familiarity with common industry security policy areas, including, but not limited to ISO/IEC 27001, NIST, FedRAMP, PCI DSS, SOX, SSAE16, and others.
• Knowledge of security best practices and controls applied to address security risks.
• Self motivated and directed.
• You should have experience working cross-functionally and successfully collaborating with technical and business teams.
• You should be able to juggle multiple, challenging priorities and exhibit appropriate levels of urgency.Exabeam is privately funded by Lightspeed Venture Partners, Cisco Investments, Norwest Venture Partners, Acrew Capital, Icon Ventures, and investor Shlomo Kramer. For more information visit https://www.exabeam.com or follow us on LinkedIn and Twitter