Secure Cloud Engineer
ActiveCampaign’s category-defining Customer Experience Automation Platform helps over 130,000 businesses in 170 countries meaningfully engage with their customers. The platform gives businesses of all sizes access to hundreds of pre-built automations that combine email marketing, marketing automation, CRM, and machine learning for powerful orchestration, segmentation and personalization across social, email, messaging, chat, and text. Over 70% of ActiveCampaign’s customers use its 300+ integrations including Shopify, Square, Facebook, Eventbrite, and Salesforce. ActiveCampaign scores higher in customer satisfaction than any other solution in both Marketing Automation and CRM All-In-One on G2.com.
As a global multicultural company, we are proud of our inclusive culture which embraces diverse voices, backgrounds and perspectives. We don’t just celebrate our differences, we believe our diversity is what empowers our innovation and success. If this matches your goals and interests, we hope you consider joining our team!
As the fastest-growing SaaS company in Chicago, we are scaling rapidly to keep up with market demand. We are growing all of our teams and looking for people who share our values, deliver innovation frequently and join us in our mission to grow our customer base from 130,000 today to millions.
The secure cloud engineering roles plays a key role in ensuring the security of our cloud infrastructure and protection of our sensitive PII data per our information security policy. This person will help identify security gaps and drive remediation activities to close those gaps. This position plays an integral role in defining and assessing the organization's security strategy, architecture and practices as well as contributes to maturing the company's infrastructure security architecture and technology frameworks.
What your day could consist of:
- Be part of the security team to drive security related initiatives including but not limited to creating/maintenance of security policies, implementation of security procedures/controls, and monitoring in conformance to the policy
- Deploy and manage applications to monitor cloud infrastructure security and intrusions
- Perform initial incident triage, determine scope, urgency, and potential impact of security incidents
- Provide guidance and work with the infrastructure team on security best practices around OS hardening, access logging, and patching
- Design, deploy, manage and improve critical security infrastructure services/tools for authentication and authorization, PKI, secrets management, logging, detection, vulnerability management and more
- Work with external auditors on compliance
- Provide security guidance to SRE / DevOps Engineering teams in the company
- Perform security gap assessments and implement remediations
- Run periodic infrastructure vulnerability scans and facilitate pen tests while working with engineering teams on identified vulnerabilities for resolution
- Work with the production operations team on securing and best practices for all our AWS accounts
- Own the overall cloud infrastructure security program
- Monitors industry security updates, changes, technologies, emerging threats and best practices for continuous improvement
What is needed:
- 5+ years of experience in Infrastructure and Information Security
- Experience with OS hardening techniques for Linux environments such as SELinux, disabling root login, sudo, password expiration, etc.
- Experience with access logging, centralized logging, and monitoring/alerting of security log events such as ELK, InsightIDR, Splunk, and SumoLogic
- Experience with applications for monitoring infrastructure security and detecting intrusions such as Threat Stack or Insight IDR
- Working knowledge of incident response, threat modeling, and mitigation
- Working knowledge of common information security management frameworks such as SOC2 Type 2 and ISO27001
- 5+ years working on AWS running multiple production workloads
- Experience designing and implementing access control models for privileged access in fast-paced AWS cloud environment
- Knowledge of AWS security best practices and security controls using AWS services such as Cloudtrail, GuardDuty, IAM, SSO, VPC, etc.
- Strong understanding of common internet protocols such as DNS, SMTP, LDAP, etc.
- Good communication and collaboration skills
- Self-motivated and strong sense of ownership of tasks
- Bachelors or Masters' degree in Computer Science or Information Security or equivalent work experience
ActiveCampaign is an employee-first culture. We take care of our employees at work and outside of work. We'll share all the details later on but in summary: comprehensive health and wellness benefits including no premiums for employees on our HSA plan, open time off plan, generous 401(k) matching with no vesting, lunch and endless snacks/ beverages, reimbursed commuting, education budgets, ongoing learning and development, a proactive approach to diversity and inclusion, parental leave, career pathing and lots of swag.
Check out more information on our benefits & perks here.
ActiveCampaign is an equal opportunity employer. We recruit, hire, pay, grow and promote no matter of gender, race, color, sexual orientation, religion, age, protected veteran status, physical and mental abilities or any other identities protected by law.
Our Employee Resource Groups (ERGs) strive to foster a diverse inclusive environment by supporting each other, building a strong sense of belonging and creating opportunities for mentorship and professional growth for their members.
Our core values:
Start with trust
Make the customer a hero
Cultivate inclusion & diversity
Iterate everything, always
Create WOW
Pursue growth with gratitude
Visit here to learn about perks and benefits at ActiveCampaign and see our values in action.
Read Full Job Description
