The Infrastructure Security Engineer will work to ensure the privacy and integrity of our users’ sensitive information. Their objective will be to build core security tooling for platforms that perform the collection, computation, aggregation, and storage of personal financial data and partner with technical teams across the company, advising them on secure design patterns for cloud and corporate infrastructure. They will lead strategic initiatives to remediate and mitigate infrastructure security risk across the organization.
Projects you may be working on in this position include:
- Design the security controls, automations, and infrastructure to support self-service AWS account creation and administration
- Build tools to perform continuous monitoring, reporting, and remediation of cloud security issues
- Design pragmatic baseline security controls to support new business units and rapid prototyping
- Perform security design reviews for critical partnerships and new technologies
Where you can make an impact:
- Develop and deploy security controls and measures to protect cloud-based infrastructure and services. This includes defining what good security looks like for cloud infrastructure and executing on initiatives that get us here. Ensure that security measures align with industry best practices and regulatory requirements.
- Serve as a subject matter expert on cloud security matters, providing guidance and support to other engineering teams leveraging various tech stacks. This involves assisting with the design and implementation of secure network/infrastructure architectures and advising on security best practices.
- Develop and implement automation scripts and workflows to streamline security operations and ensure consistent enforcement of security controls across cloud environments. Leverage Infrastructure as Code (IaC) tools such as Terraform to define and deploy security configurations programmatically.
- Assess the security posture of public cloud environments. This involves reviewing configurations, access controls, identity management, encryption mechanisms, and compliance frameworks to identify potential security gaps and risks.
- Monitor cloud environments for security events and anomalies, such as unauthorized access attempts, data breaches, and configuration changes. Utilize cloud-native security tools and SIEM (Security Information and Event Management) platforms to collect and analyze security logs and alerts. Respond promptly to security incidents, investigating root causes and implementing remediation actions.
You are:
- A subject matter expert in AWS security controls and industry best practices for building secure cloud environments
- Pragmatic in your approach to reducing risk in a manner that incorporates business and product needs
- Focused on building scalable cloud security solutions that allow for a high degree of engineering autonomy while reducing risk to acceptable levels
- Excited to lead roadmap items outside your core competencies to move the program forward and adapt to prioritize critical tasks as they arise
- An ambassador for fostering a respectful, blameless, and collaborative work environment
Your experience:
We recognize not everyone will meet all of the criteria. If you meet most of the criteria below and you’re excited about the opportunity and willing to learn, we’d love to hear from you.
- 5+ years of experience in a professional cloud security engineering role with a focus on AWS.
- 2+ years experience writing infrastructure as Code (IaC) for production or environments using Terraform or other IaC tools.
- Experience building in Python and comfortable with learning other programming languages as needed.
- Experience building security integrations into CI/CD pipelines.
- Experience in security monitoring, triage and incident response in cloud and corporate environments.
- Experience building highly-scalable cloud security solutions with a high degree of autonomy while taking informed risks to move the business forward.
- Demonstrated ability to work collaboratively and constructively with cross-functional stakeholders to support the needs of the business while evaluating and addressing risk.
- Can mentor/coach junior engineers and provide them guidance when needed.
- Demonstrated ability to identify and drive process improvements needs.
- Experience driving large-scale security engineering projects across multiple cloud environments.
Where:
- This is a remote position and a person can be located anywhere in the U.S. or Canada (with the exception of Quebec).
- NerdWallet is proud to be a remote-first company! We believe great work can be done anywhere. No matter where you are based, NerdWallet offers benefits and perks to support the physical, financial, and emotional well being of you and your family.
What we offer:
Work Hard, Stay Balanced (Life’s a series of balancing acts, eh?)
- Monthly Healthcare Stipend
- Rejuvenation Policy – Flexible Time Off + You will receive the official public holidays in your province + Mental Health Days
- Pregnancy and Parental leave – NerdWallet will top up your pay so you receive 100% of your salary for 12 weeks for pregnancy leave and 12 weeks for parental leave
- Mental health support through Headspace
- Paid sabbatical for Nerds to recharge, gain knowledge and pursue their interests
- Weekly Virtual Bootcamp, Yoga and Mindfulness Meditation sessions
- Monthly Wellness Stipend and Cell Phone Stipend
- WiFi stipend and work from home equipment stipend
Have Some Fun! (Nerds are fun, too)
- Nerd-led group initiatives – Intramural Sports, Employee Resource Groups for Parents, Diversity, Equity, and Inclusion, Women, LGBTQIA, and other communities
- Hackathons, Happy Hours and team bonding across all teams and departments
- Company-wide events like Little Nerds Day (aka bring your kids to work day, even if you're remote!) and our annual Charity Auction
Plan for your future (And when you retire on your island, remember the little people)
- Annual Enrichment Stipend for learning and development
- RRSP with a 4% match. Eligible one month after hire.
NerdWallet is committed to pursuing and hiring a diverse workforce and is proud to be an equal opportunity employer. We prohibit discrimination and harassment on the basis of any characteristic protected by applicable federal, state, or local law, so all qualified applicants will receive consideration for employment.
Base pay offered may vary within the posted range based on several factors, including but not limited to education, job-related knowledge, skills, experience, and location.
The Pay range for this role is
$153,000—$231,000 CAD