Security Operations Engineer, Tixr

• Using, managing, and securing cloud services and platforms that are SaaS, IaaS, etc
• Experience with security concepts in AWS and with the available security tools, such as Inspector, GuardDuty, Macie, Config, CloudFormation, CloudWatch, CloudTrail, Trusted Advisor, WAF, etc., while also being familiar with third-party alternatives (and when it is beneficial to use them)
• Proficient in administering and effectively managing monitoring and detection systems
• Deploying identity and access management services including Single Sign On (SSO) frameworks and mechanisms such as OAuth, SAML, etc
• Log management and security analytics tools, including open source and commercial platforms/toolsets
• Skillful in integrating security in Tixr’s continuous integration, continuous delivery, and continuous deployment (CI/CD) pipeline for Infrastructure as Code (IaC) (running unit tests, running security tools, managing secrets) using configuration management and automation tools such as Jenkins, Chef, Terraform, GitHub Actions, etc
• Experienced with using Regular Expressions (REGEX) as well as with automation and development leveraging Python, Terraform, etc
• The ability to monitor, evaluate, and interpret vulnerabilities/CVEs, vulnerability, risk, and security assessments, cloud platform/system/device/IDS/IPS logs, and threat analysis
• Knowledgeable about and able to apply open-source and proprietary information within the industry
• Excellent oral and written communications skills for working with a diverse professional clientele with varying levels of technical experience. Ability to interact with internal and external customers, leadership, and co-workers both in person, virtually, and in writing
• Ability to research highly technical topics and derive logical conclusions using well-thought-out processes, eliminating bias and logical fallacies
• Ability to combine information from various sources into clear, concise technical documents that explain the background and procedures for detecting and mitigating risk
• Security monitoring and intrusion detection
• Implementing and working with industry standards and guidelines relevant to the role and our industry, such as SOC1/SOC2/SOC3, and PCI
• Managing the information security incident lifecycle, including incident response, mitigation, forensics, after-action reporting, and mapping a path forward
• Information security architecture, mitigation of threats, and compensating controls
• Applied cryptography and security protocols
• Penetration testing and red teaming
• Enterprise risk management programs, including internal audits, consulting engagements, information technology reviews, audit, and compliance efforts

Desirable

• Implement hands-on efforts to protect and defend Tixr’s network boundaries, keep computer, network, and cloud systems hardened against malicious activity, and provide security services that protect our customer sensitive information
• Use your experience to own, facilitate, and drive the resolution of security incidents, the implementation of security toolsets, the automation and operationalization of these toolsets and address policy questions and resolve security issues of a technical nature
• Work with software engineers to proactively identify and remediate security flaws and vulnerabilities in our product and platform
• Focus on scaling and automating security infrastructure and processes
• Solve user and corporate security concerns, investigate security incidents, perform security gap analysis, and implement novel technologies and architecture

• Healthcare (PPO) and 401(k)
• Top of the line work equipment
• Unlimited paid-time-off with self-regulated vacation policy
• Flexible remote working environment
• Casual, laid-back office and company culture
• Access to awesome events!

If you want to go to any sporting, music or other major event, you probably purchased your ticket through a ticketing platform. However, while these are useful for event organizers, bringing customers to a central sales point and managing reservations, they frequently offer a horrible experience to users with poor search functions and confusing interfaces. Tixr was founded in 2012 to solve this with a ticketing platform built around a fun and easy user interface.