Secure Cloud Engineer
ActiveCampaign's category-defining Customer Experience Automation Platform (CXA) helps over 130,000 businesses in 170 countries meaningfully engage with their customers. The platform gives businesses of all sizes access to 500+ pre-built automations that combine email marketing, marketing automation, CRM, and machine learning for powerful segmentation and personalization across social, email, messaging, chat, and text. Over 70% of ActiveCampaign's customers use its 300+ integrations including Shopify, Square, Facebook, and Salesforce. ActiveCampaign scores higher in customer satisfaction than any other solution in Marketing Automation on G2.com and is the 2020 Top Rated Email Marketing Software on TrustRadius.
As a global multicultural company, we are proud of our inclusive culture which embraces diverse voices, backgrounds, and perspectives. We don’t just celebrate our differences, we believe our diversity is what empowers our innovation and success. If this matches your goals and interests, we hope you consider joining our team!
As one of the fastest-growing SaaS companies, we are scaling rapidly to keep up with market demand. We are growing all of our teams and looking for people who share our values, deliver innovation frequently, and join us in our mission to grow our customer base from 130,000 today to millions.
The secure cloud engineering roles plays a key role in ensuring the security of our cloud infrastructure and protection of our sensitive PII data per our information security policy. This person will help identify security gaps and drive remediation activities to close those gaps. This position plays an integral role in defining and assessing the organization's security strategy, architecture and practices as well as contributes to maturing the company's infrastructure security architecture and technology frameworks.
What your day could consist of:
- Be part of the security team to drive security related initiatives including but not limited to creating/maintenance of security policies, implementation of security procedures/controls, and monitoring in conformance to the policy
- Deploy and manage applications to monitor cloud infrastructure security and intrusions
- Perform initial incident triage, determine scope, urgency, and potential impact of security incidents
- Provide guidance and work with the infrastructure team on security best practices around OS hardening, access logging, and patching
- Design, deploy, manage and improve critical security infrastructure services/tools for authentication and authorization, PKI, secrets management, logging, detection, vulnerability management and more
- Work with external auditors on compliance
- Provide security guidance to SRE / DevOps Engineering teams in the company
- Perform security gap assessments and implement remediations
- Run periodic infrastructure vulnerability scans and facilitate pen tests while working with engineering teams on identified vulnerabilities for resolution
- Work with the production operations team on securing and best practices for all our AWS accounts
- Own the overall cloud infrastructure security program
- Monitors industry security updates, changes, technologies, emerging threats and best practices for continuous improvement
What is needed:
- 5+ years of experience in Infrastructure and Information Security
- Experience with OS hardening techniques for Linux environments such as SELinux, disabling root login, sudo, password expiration, etc.
- Experience with access logging, centralized logging, and monitoring/alerting of security log events such as ELK, InsightIDR, Splunk, and SumoLogic
- Experience with applications for monitoring infrastructure security and detecting intrusions such as Threat Stack or Insight IDR
- Working knowledge of incident response, threat modeling, and mitigation
- Working knowledge of common information security management frameworks such as SOC2 Type 2 and ISO27001
- 5+ years working on AWS running multiple production workloads
- Experience designing and implementing access control models for privileged access in fast-paced AWS cloud environment
- Knowledge of AWS security best practices and security controls using AWS services such as Cloudtrail, GuardDuty, IAM, SSO, VPC, etc.
- Strong understanding of common internet protocols such as DNS, SMTP, LDAP, etc.
- Good communication and collaboration skills
- Self-motivated and strong sense of ownership of tasks
- Bachelors or Masters' degree in Computer Science or Information Security or equivalent work experience
ActiveCampaign is an employee-first culture. We take care of our employees at work and outside of work. You can see more of the details here, but some of our most popular benefits include our comprehensive health and wellness benefits (including no premiums for employees on our HSA plan, tele-health and tele-mental health, and access to the Calm app for mediation), open paid time off, generous 401(k) matching with no vesting, a generous stipend to outfit your remote office, and a focus on career growth including access to personal and professional coaching. We take a proactive approach to diversity and inclusion and offer parental leave, career pathing, and support employees’ ongoing learning and development through Udemy and access to life coaches via Modern Health. We also offer cool swag.
ActiveCampaign is an equal opportunity employer. We recruit, hire, pay, grow and promote no matter of gender, race, color, sexual orientation, religion, age, protected veteran status, physical and mental abilities, or any other identities protected by law.
Our Employee Resource Groups (ERGs) strive to foster a diverse inclusive environment by supporting each other, building a strong sense of belonging, and creating opportunities for mentorship and professional growth for their members.
Our core values:
Start with trust
Make the customer a hero
Cultivate inclusion & diversity
Iterate everything, always
Create WOW
Pursue growth with gratitude
Visit here to learn about perks and benefits at ActiveCampaign and see our values in action.
Read Full Job Description
