Sr. Cloud Security Engineer
As a Sr. Cloud Security Engineer, you'll be responsible for protecting the confidentiality, availability, and integrity of Vivid Seats information assets in cloud environments such as AWS. This position is best suited for an experienced Information Security engineer with a strong proven understanding of AWS native products and functionality along with other complementary technologies (e.g., CDN) and best practices for cloud security. This candidate will partner with other cloud-focused infrastructure, operations, and devops teams to ensure the safety of Vivid Seats' information systems assets, customer data, and to protect systems from unauthorized access and abuse. Additionally, this position will collaborate with the rest of the Information Security organization to analyze and perform event correlation, create dashboards and reporting content, troubleshoot, and remediate security issues.
- Act as the Subject Matter Expert (SME) for security in the cloud within Vivid Seats
- Integrate with internal engineering teams providing frameworks to build, design, and implement products across the organization securely
- Review new and existing cloud hosted products and services for vulnerabilities
- Assess the health and security of cloud network architectures
- Ensure ongoing compliance of cloud hosted infrastructure to security policies and procedures
- Analyze and prioritize reports from internal and external researchers; facilitate confirmed issues to resolution with engineering teams
- Assist in the prompt investigation of security incidents and be prepared to isolate and remediate incidents pursuant to established procedures
- Assist in the design and delivery of business continuity and disaster recovery plans that meet RTO and RPO requirements for cloud-hosted services
- Drive the integration and ongoing monitoring of cloud systems events and alerts into existing industry-standard EDR and/or SIEM solutions
- Support and assist in developing ongoing roadmap for security related projects
Desired Skills and Experience:
- Heavy experience with applications running on/in Amazon Web Services a must
- 5+ years of combined experience in information security, technology, and risk management with at least 2 years' experience securing applications in AWS or equivalent
- Hands-on experience designing usage and implementation of AWS native technologies such as Security Groups, IAM, S3, Secrets Manager, Cloudtrail monitoring, etc.
- Hands-on experience with containerized applications running in a Kubernetes environment
- Hands-on experience with cloud automation-enabling tools such as CloudFormation and/or Terraform
- Understanding of application security concepts (such as the OWASP top 10) with the ability to articulate concepts to technical and non-technical staff
- Strong knowledge of networking and web related protocols (e.g., TCP, UDP, IPSEC, HTTP, HTTPS, network routing protocols)
- Experience working with many network security controls (Routers, Firewalls, Proxies, ACL's, Wireless networking protocols), in particular their cloud-native equivalents
- Knowledge of disaster recovery and business continuity principles and practices
- Understanding of current encryption standards and implementation procedures
- Ability to work with engineering teams to weigh business risks and enforce appropriate security measures in support of a Continuous Integration / Continuous Deployment environment
- Ability to handle multiple complex, long term projects simultaneously
- Knowledge with control frameworks such as ISO, SOX, NIST, CobiT, and PCI
- Passion for technology and information security
- A. or B.S. in Computer Science, Information Management, or relevant field
- CISSP is a plus
What We Offer:
Vivid Seats is the largest independent online ticket marketplace, sending tens of millions of fans to live events. Experiences Matter- which is why we continue to grow year over year. Working at Vivid Seats puts you front and center at the opportunity to scale our best in class platform that allow our fans to sit closer and experience more.
At Vivid Seats, you will have the opportunity to work with the flexibility and speed of a startup; while operating at massive, profitable scale. We keep our teams lean, allowing each and every employee direct accountability to creating a positive ticket buying experience. We are relentless and move quickly to release new features and content to our applications daily. Good ideas are heard and implemented, and hard work rewarded. Being a part of our team means having the ability to drive impact and own the innovation that connects our tens of millions of unique monthly users to the memorable experiences that only live events create.
We are passionate about creating memorable experiences for our fans… and the best in class experience for our employees. Vivid Seats offers competitive compensation levels, individual and team-based bonus opportunities, generous benefits package and Flex PTO policy plus a variety of workplace perks. The most exciting one: We offer our employees $100 worth of credits each month to spend on Vivid Seats tickets along with promotional discounts. At the heart of it, we are all fans of great live events. We want to help you get there more often.
111 N Canal Suite #800
Chicago, IL 60606