CXO Nexus is a fast growing company headquartered in NY with engineering offices in San Francisco and abroad. We’re building the next generation of AI based Enterprise Vendor Spend Analytics to help companies lower expenses, reduce risk, and manage their business more effectively. We’re a dynamic company looking for talented team members that enjoy solving problems and helping our customers achieve success in a fast moving environment with lots of opportunities for early stage employees.
We offer competitive pay and benefits, and we’re a 100% virtual company. Allowing employees to work where and when they want. We trust people, we respect them, and we encourage them to be their best.
We are Currently Looking for:
We are looking for energetic, and enthusiastic go getters to solve a wide variety of solutions. Successful candidates will be highly skilled DevOps Engineers proficient with a variety of automation technologies, and process frameworks.
We’re looking for candidates with the following qualities:
- Team player who takes pride in seeing others succeed, and helping others achieve success. They don’t just collaborate, they enjoy it!
- Innovative thinker willing to be open to new ideas, different approaches, and to respectfully challenge existing ideas with new and innovative approaches
- Learner: believes in continuous growth, understands that there is always more to learn, and can benefit from new and different approaches
- Startup player willing to jump in an roll up their sleeves into different areas and problems to lend a hand
- Determination: someone that recognizes that failure is part of the process, won’t let it bring them down, and won’t give up until a solution is found
- Ownership: someone that takes pride and ownership of their work and takes responsibility for the output and results
- Independent: self-starters that can work independently, be given simple guidance and objectives and can define the path and steps to get there (we don’t micro manage!)
- Thrives in ambiguity: someone that understands that each new area may not be black and white, understands how to move forward in gray areas, and works to define them
- Team member: someone that fits into and helps create the culture of support, caring, and work ethics that we can all be proud. Someone that is part of what makes us great.
SecOps Engineer responsibilities:
- Developing InfoSec Security Plans and Policies, including Security Awareness
- Developing operational processes, SOPs, documentation
- Implementing and maintaining Protections
- Evaluating Security Posture and Testing for vulnerabilities
- Process re-engineering, continual process improvement in all operational areas
- Maintaining process controls for ITIL processes, including Config, Change, Problem, and Asset management
- Communicating and collaborating effectively with all parts of the organization
- Implementing SecOps protections, best practices and processes, and creating and establishing a culture that embraces Security
- Staying abreast of developments in SecOps, Security threats, risks, methods, and technology
- Developing and maintaining Security controls
- Ensuring environmental consistency, and secure practices and configurations
- Monitoring all elements of service to identify security breaches and risks and working to mitigate and eliminate them
- Investigating Security Breaches
- Providing feedback and improvement opportunities to Developers and other teams to improve processes
- Building instrumentation, and metrics to evaluate the health, security posture, risk, and growth/stability of the environment
- Security incident response, remediation, and mitigation
- Evaluating, and setting standards for 3rd parties, managing Security Vendor relationships
- Automating, and Instrumenting Security environment
- Establishing and maintaining strong access management controls and practices
- Evaluating current security posture, documenting gaps, and establishing plans to remediate
SecOps Engineer Requirements
- Computer Science degree or equivalent experience
- 3 Years of work or equivalent experience
- Strong automation skills (tool agnostic).
- Familiarity with ITSM Change and Configuration Management processes.
- Secure configuration practices, including Linux, AWS AMIs, and other common systems
- Highly proficient managing AWS services, configurations, and establishing strong security practices.
- Proficient running common hosting platforms such as LAMP stacks, EC2, Kubernetes, and Docker
- Proficient with Network Security, Routing, Firewalls, IDS, SIEM, AV, Content Filtering, DDoS mechanisms, and Spam/Phishing/Email technologies
- Proficient with log analysis tools including ELK (Logstash, Kibana)
- Strong operational experience in Linux/Unix environment and scripting languages: Shell, Python.
- Familiarity with Big Data tools and technologies such as Hadoop, Spark, Kafka
- Excellent verbal and written communication skills.
- Familiarity with Agile Process framework
- Familiarity with SOC II, NIST CyberSecurity framework, and other security frameworks and controls
- Secure coding practices, Secure SDLC, and OWASP
- Proficient at Testing and Monitoring for Security Breaches
- Strong understanding of IAM tools and technologies
- Good problem solving skills.
- Attention to detail.
- Goal orientated with strong follow up and execution
- Candidates with the following business skills are a plus
- Finance – familiarity with common Enterprise finance tools, terminology and processes such as SAP, Workday, and Oracle
- Procurement – familiarity with common Enterprise procurement tools, terminology and processes such as Ariba, and Coupa
- Business Technology – familiarity with the tools and processes used in Enterprise IT, Marketing, and Finance departments
Candidate will be asked to provide a portfolio of their work, and sample problems to demonstrate proficiency.