Avatar for One Concern

A benevolent AI company that provides trusted insights to emergency responders

Senior Information Security Engineer

Apply now
One Concern is a Menlo Park-based benevolent artificial intelligence company with a mission to save lives and livelihoods before, during, and after disasters. Founded at Stanford University, One Concern enables cities, corporations and citizens to embrace a disaster-free future, through AI-enabled technology, policy, and finance. By combining data science and natural phenomena science we are pursuing a vision for planetary-scale resilience, where everyone lives in a safe, equitable, and sustainable world.

One Concern is growing rapidly and we are looking for passionate, motivated, and high-reaching engineers to join our team. Our engineering challenges are unique, so you should be comfortable in uncharted territory and excited to create systems that can support cities of 100,000 and 10 million people alike.

As our Information Security Engineer, you will work within the Cloud Ops team at One Concern to ensure the highest availability and security of our SaaS platform. You will be responsible for the implementation and operational aspects of security for our cloud computing environments, along with ensuring through automation that our systems are monitored appropriately. Managing complex distributed systems at scale is a must.


Responsibilities
* Assist in the continued automation of operational tasksPerform on-call SRE duties and assist in diagnosis and resolution of issues with our cloud services
* Perform risk analysis to identify and access the current state of security within our online platform
* Ensure our currently deployed security tools are configured optimally with our business needs in mind
* Develop an automated security framework for our security operations dealing with incident detection and response, monitoring and alerting, mitigation and resolution
* Reduce the attack surface of our cloud computing environment and work to continually minimize or eliminate our security vulnerabilitiesHelp develop security procedures and policies for the organization
* Document our state of security and conference with our customers as our security expert
* Setup tools that can be used in security threat detection and mitigation
* Identify and deploy software that can assist in the logging of security events and security incident management
* Perform internal security audits and present outcome and insights to team and executives
* Lead SOC2/ISO27001 compliance initiative within the organization
* Perform the role in an ethical and responsible manner

Requirements
* Experience working with Linux OS, Docker and Kubernetes
* Familiar with networking concepts and protocols
* Experienced in scripting languages, such as Python, Ruby, Bash
* Extensive experience managing and securing distributed systems in GCP, AWS or Azure
* Setup and maintained IDS and SIEM systems in the cloud
* Experience with CI/CD software like CircleCI/Codefresh and integrating security in the continuous integration, continuous delivery, and continuous deployment (CI/CD) pipeline
* Experience with centralized logging systems like ELK/EFKExperience with RDBMS databases (MySQL/Postgres)

Perks & Benefits
* Market-competitive salary plus equity
* Comprehensive medical, dental, and vision insurance
* Daily lunches, and a fully-stocked kitchen
* Generous PTO policy
* Team off-sites
* Flexible working hours

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.