You love solving problems and always follow through. You thrive in a fast paced work environment. You have a love for technology and are always on top of the latest trends. You love getting your hands on new gadgets as soon as they come out. You are constantly looking for ways to improve the end user experience. Customer service is your middle name. You are a team player. You look for things to fix. You are well organized. You're a quick learner. You have a large swiss army knife of IT security skills.
If this sounds like you then you may be a good fit for the role of Business Technology Security Engineer based in Zuora's San Mateo Office. Zuora is looking for a highly skilled individual to build and manage a best in breed corporate security infrastructure across Zuora’s rapidly growing staff and corporate facilities. This role will be responsible for the security management of all Zuora corporate systems, networks and physical security across 19 locations in 10+ countries as well as the buildout of new sites. Responsibilities will include securing SaaS applications, systems security architecture, network security and ongoing monitoring and support of all SaaS applications and related systems. The Business Technology Security Engineer will also be responsible for documentation and training for global Business Technology across the company and implementing a strategic vision for future growth.
- Design and build next generation security infrastructure to help Zuora scale to support its rapid growth.
- Assist in implementing proactive monitoring to ensure minimal SaaS applications and systems down-time.
- Assess security resiliency of all SaaS application and on-premise systems to ensure sufficient redundancy.
- Own threat management and security incident handling, including the coordination of investigations and reporting of security incidents to management, in alignment with business needs and regulatory requirements
- Coordinate with 3rd party vendors as needed for additional NOC security, support and monitoring.
- Partner with Security team to conduct constant network and systems intrusion testing and provide support for compliance audits.
- Act as primary manager of vendor relationships for all IT security related products.
- Design of security policy and compliance with the requirements of both internal and external security audits and recommendations.
- Perform analysis of security needs not limited to imaging endpoint systems and security tools
- Demonstrated deliver monthly reports; participate in knowledge sharing activities; work closely with the customer to develop solutions
- Ability to mentor and lead team and serve as point of contact to the customer
- Hands on knowledge of maintaining and overseeing securing server and network infrastructure
- Develop and enforce automated security process and help advance security and privacy as core competencies throughout the company
- 8+ plus years as a lead managing SaaS applications and on-premise Linux and Windows systems industry experience, with MCSA, Red Hat, Linux + or similar certifications
- Expert knowledge of Active Directory, Microsoft Server infrastructure, SSO Solutions, Google Apps for Enterprise, and high-availability
- Use Amazon Web Services or other cloud tools to deploy IT services and solutions.
- Knowledge of SOC and ISO Compliance as well as knowledge of Cloud Security Alliance (CSA), PCI/DSS and global data protection and privacy laws (GDPR and Privacy Shield)
- Experience with Vulnerability Scanning tools
- In depth knowledge of DHCP, DNS, SSH, HTTPS, SNMP, SMTP, Syslog, and TCP/IP (IPv4 and IPV6)
- Experience with vulnerability and antivirus tools not limited too OpenDNS, Sophos, Malware, etc
- Experience with Client/Server environments Linux, Windows, OSX
- Extensive hands on experience with server hardening
- Proven experience in security design review and threat modeling
- Knowledge of JAMF (Casper), puppet or chef experience, familiarity with monitoring tools (Nagios, LibreNMS, Zabbix, or others)
- Knowledgeable of log management tools such as ELK, Splunk, and SumoLogic
- Strong understanding of networking
- Perform regular operating system, and application patching of Microsoft products and Linux systems.
- Experience with Atlassian products
- Scripting skills in Python, Bash, Ruby or other scripting languages