Information Security Engineer - 12877
Woodland Hills, United States
It's fun to work in a company where people truly believe in what they're doing!
At Blackline, we're committed to bringing passion and customer focus to the business of enterprise applications.
Since being founded in 2001, BlackLine has become a leading provider of cloud software that automates and controls the entire financial close process. Our vision is to modernize the finance and accounting function to enable greater operational effectiveness and agility, and we are committed to delivering innovative solutions and services to empower accounting and finance leaders around the world to achieve Modern Finance.
Work, Play, and Grow at BlackLine!
Make Your Mark:
BlackLine empowers our team members to be change agents and is always seeking new and innovative ways to solve problems. We are experiencing explosive growth and looking for passionate and talented people to join our team.
The BlackLine Information Security Operations team provides critical technical security protections for both internal and external customers. As part of the larger InfoSec team, the cloud security engineer will split his or her time between design, develop, and deliver new solutions to innovatively solve tough security problems; and at the same time will spend time in a dynamic detection and response team serving to provide incident response capabilities protecting our global footprint. The role includes deep threat analysis, design and delivery of solutions, and tuning purpose-built security tools and services. This employee will be responsible for the daily operation and management of two or more security technical controls to protect customers and their data.
- Participate in a 24/7 global operation that looks for and responds to security events on BlackLine networks, especially those on our multi-cloud footprint.
- Perform investigations on a wide variety of events from various sources to determine whether they pose a threat.
- Participate in resolving large-scale security incidents.
- Work with teams from around BlackLine to discover new detection capabilities and logging sources.
- Assist in the design of security tools and drive its implementation to protect BlackLine networks and systems.
- Provide security expertise and guidance to a diverse set of BlackLine engineering and business teams.
- Conduct security reviews of core corporate and production infrastructure, systems, and tools.
- Drive enterprise-focused security improvements to BlackLine systems and services.
- Build security tools and processes using Python for critical infrastructure protection, monitoring, and remediation.
- Execute technical and process changes required to adopt, maintain and adjust InfoSec controls as required to manage the company’s risks and align with industry best practices
- Operate/maintain/improve security tools and capabilities using industry best practice and standards
- Execute network and device security strategy in conjunction with technical leadership and guidance from senior team members
- Work with peers in other internal groups to drive technical security risk down in targeted areas.
- Take end-to-end ownership of one or more security tools and metrics, driving risk down actively across BlackLine’s global footprint
What You’ll Bring:
- Bachelor's degree in Computer Science or a related technical field, or equivalent practical experience.
- 1-5 years of relevant industry experience in security, with 1 or more years experience in infrastructure or operations in another technical department.
- Coding experience in one or more scripting or command line languages.
- Experience with attacks and mitigation methods, with experience working in two or more of the following: Network protocols and secure network design; Operating system internals and hardening (e.g. Windows, Linux, OS X, Android); Web application and browser security; Security assessments and penetration testing; Authentication and access control; Applied cryptography and security protocols; Security monitoring and intrusion detection, Incident response, and forensics; Development of security tools, automation or frameworks.
- Working understanding of command-line navigation in both MS and ‘nix style operating systems
- Familiarity with different families of technical security controls and tools
- Demonstrated ability to understand systems architecture, data flows, and to make recommendations on risk
- Ability to learn and operate independently
- Problem-solving ability and clear communication skills
- Operate with some supervision, and demonstrate taking initiative in one or more security program(s)
We’re Even More Excited If You Have:
- At least 2 years working in cloud, mobile, database administration, or network infrastructure prior to coming to security
- CISSP, CISA, or other information security associated certification
- Masters, Electrical Engineering or Computer Systems
- GCIH is recommended
- Hands-on experience with logging/monitoring/alerting tools
Thrive At BlackLine Because You Are Joining:
- A technology-based company with a sense of adventure and a vision for the future. Every door at BlackLine is open. Just bring your brains, your problem-solving skills, and be part of a winning team at the world's most trusted name in Finance Automation!
- A culture that is kind, open, and accepting. It’s a place where people can embrace what makes them unique, and the mix of cultural backgrounds and varying interests cultivates diverse thoughts and perspectives.
- A company that believes in providing the best possible service to its clients and that starts with offering amazing perks to its employees. These perks include 100% coverage for healthcare, vision, and dental, 401(k) matching, ESPP, food, drinks, games, and so much more!
- A culture where BlackLiners’ continued growth and learning is empowered. BlackLine offers a wide variety of professional development seminars and inclusive affinity groups to celebrate and support our diversity.
BlackLine is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity or expression, race, age, religious creed, national origin, physical or mental disability, ancestry, color, marital status, sexual orientation, military or veteran status, status as a victim of domestic violence, sexual assault or stalking, medical condition, genetic information, or any other protected class or category recognized by applicable equal employment opportunity or other similar laws.