What are the responsibilities and job description for the Security Engineer position at Boston Dynamics?
You will be a member of the Information Technology (IT) Infrastructure Team responsible for ensuring the secure design and delivery of IT solutions to Boston Dynamics. As a Security Engineer at Boston Dynamics, you will be part of a growing and focused security team. You will use the latest technology to improve and develop new designs and security strategies across all types of applications (including infrastructure, platform, and software as a service.) Our Security Engineer provides security expertise in all stages of security solutions and all types of cloud infrastructure. Customer assessments, IT policy, corporate security audits are also considered in scope for this role.
Boston Dynamics is a world leader in mobile robots, tackling some of the toughest robotics challenges. For years, our awe-inspiring viral videos on YouTube have shown the world what remarkably capable robots can do. Now we are quickly becoming a recognized leader in automation solutions for industrial applications and warehouse logistics.
Day To Day Activities
Boston Dynamics is a world leader in mobile robots, tackling some of the toughest robotics challenges. For years, our awe-inspiring viral videos on YouTube have shown the world what remarkably capable robots can do. Now we are quickly becoming a recognized leader in automation solutions for industrial applications and warehouse logistics.
Day To Day Activities
- Review logs for security incidents, concerns, evaluate, and implement countermeasures as needed.
- Articulate risk and threat analysis activities, leveraging learnings from external and internal cyber trends and incidents, reducing risk by implementing technical controls.
- Leverage CSPM tools to secure our cloud infrastructure.
- Work closely with our firewall engineers to ensure best practices
- Implement NIST security frameworks and work with a team to ensure compliance across the organization across the organization.
- Ensure continuous delivery pipelines have proper security controls that serve the purpose of provisioning and operating client tests as well as production environments.
- Evaluate new technology options and vendor products, present cost-benefit analysis to the team.
- Lead security incident response and problem management including timely problem identification, successful resolution, and root-cause analysis.
- Assist with the maintenance of metrics and scorecards in support of the information security program.
- Manage Data Loss Prevention (DLP) solutions to ensure the safety of intellectual property.
- Perform technical security reviews of existing and proposed cloud architecture.
- Review security posture for new service offerings and provide guidance and recommendations.
- Collaborate and communicate regularly with key stakeholders to capture, analyze, and deliver business security requirements.
- Design and document procedures to support ongoing security operations.
- Provide forensic analysis on incoming 3rd party data and physical storage devices.
- BS or MS in computer science, cyber security or related field or equivalent work experience
- 4 years in a technology organization or DevOps/DevSecOps role
- Experience with enterprise SaaS security tools for EDR, VM, SIEM etc..
- Experience implementing NIST security frameworks; familiarity with SOC2 and ISO27001 certification process.
- Cloud/Security certifications are a plus
- Experience with developing and participating in CyberSecurity tabletop exercises
- Experience with one or more cloud service providers, preferably Google Cloud Platform
- Excellent interpersonal, written and verbal communication skills; a sense of humor is a must!
- Skilled with one or more scripting languages (bash, python).
- Skilled in security incident response and recovery experience.
- Able to write and advise security policy.
- Design and implement vulnerability management in a container or serverless architecture.
- Experience managing and securing containerized environments.
- Knowledge and understanding in various disciplines such as security engineering, system and network security, authentication and security protocols, cryptography, and application security.