Staff Security Engineer
At Pandora, we're a unique collection of engineers, musicians, designers, marketers, and world-class sellers with a common goal: to enrich lives by delivering effortless personalized music enjoyment and discovery. People—the listeners, the artists, and our employees—are at the center of our mission and everything we do. Actually, employees at Pandora are a lot like the service itself: bright, eclectic, and innovative. Collaboration is the foundation of our workforce, and we’re looking for smart individuals who are self-motivated and passionate to join us. Be a part of the engine that creates the soundtrack to life. Discover your future at Pandora!
SiriusXM and Pandora have joined together to create the world’s largest audio entertainment company. Together, we are uniquely positioned to lead a new era of audio entertainment by delivering the most compelling subscription and ad-supported audio experiences to millions of listeners – in the car, at home and on the go. Our talent, content, technology and innovation continue to be at the forefront, and we want you to be a part of it! Check out our current opening below and at www.SiriusXM.com/careers.
The Staff Security Engineer will be responsible for the security architecture, monitoring, and incident mitigation for Pandora's growing public and private cloud infrastructure.
The successful candidate will be responsible for ensuring the security of Pandora's hybrid cloud infrastructure while maintaining a high level of Developer enablement and mentoring users on best practices as pertains to security of the infrastructure. Additionally, you will have the opportunity to drive the technical implementation of our Security solutions by providing necessary guidance and technical leadership to more junior engineers.Requirements
- 10+ years experience in Security Operations and/or IT industry
- Perform detailed forensics for security related incidents
- Develop, evolve, and manage monitoring and alerting solutions to create a deep understanding of trends, anomalies, and incidents
- Lead the architecture and planning for company wide security efforts
- High level of competency with Python development including OO design principles
- Expert on authentication paradigms: IaM policy management and Cloud KMS solutions
- Operational experience with IaC tools like Terraform, AWS CloudFormation, or Google Cloud Deployment Manager
- Expertise in secure cloud architecture and security including containers, SDN, HA, serverless compute
- Implementation of MSSP services such as RedLock, Threat Stack, Dome9, Security Command Center, and Evident.io
- Experience deploying and managing cloud WAF solutions
- Hands on experience with stateful firewalls: Juniper SRX, PaloAlto Networks
- Solid experience with automation solutions: Ansible, Chef, etc.
- Expert in deploying and managing SIEM environments: AlienVault, Splunk, ELK
- You should be comfortable and eager to mentor junior members of your team as well as individuals in other operational groups.
- Solid experience with Linux system administration (RedHat, Debian, etc.)
- Hashicorp stack: Vault, Nomad, Consul
- Monitoring and Securing sidecar load balancing environments (Envoy/Istio)
- Knowledge of compliance requirements PCI DSS, SOX
- Shell scripting
- Experience with version control systems such as GIT or SVN in a collaborative environment
- Knowledge of fundamental networking concepts: BGP, VPNs, OSI model