Cloud Security Engineer
WHO WE ARE:
ActBlue is a nonprofit that builds tech and infrastructure for Democratic campaigns, progressive-aligned causes, and people trying to make an impact in order to fuel long-term, people-powered change. If you’ve ever given online to a Democrat or progressive organization, chances are you’ve used our powerful online fundraising platform.
We put power in the hands of small-dollar donors and help thousands of groups — from presidential candidates to environmental organizations — build grassroots movements. We envision a democracy where everyone looking to make progressive people-powered change can easily and effectively deploy their resources, energy, and creativity to shape our country and futures. Each and every one of us, from the political activists to the tech innovators to the customer service pros, is fully committed to our mission.
THE OPPORTUNITY:
Our security team is growing, and we are looking for a number of skilled cloud security professionals to join us. As a cloud-native organization, our stack resides entirely within AWS, and we want to ensure that we are doing everything possible to keep our platform, infrastructure, and data secure. As a member of our cloud security team, you will have the autonomy to explore the environment, identify areas for improvement, and put in whatever proactive security enhancements you deem necessary.
WHAT YOU WILL DO:
- Work closely with our DevOps and IT teams to design and build secure-by-default infrastructure and systems.
- Identify and implement best practice hardening standards for our infrastructure and the services we rely on.
- Conduct regular threat hunting to identify and remediate any malicious activity.
- Automate security detection and response capabilities.
- Evaluate and recommend new and emerging security products and technologies.
- Provide security consulting to infrastructure teams to ensure initiatives are always following best practice standards.
WHAT YOU BRING:
- Experience working with and securing AWS and its services such as EC2, EKS, GuardDuty, ELB, ECS, IAM, S3, RDS, CloudTrail, CloudFront and AWS Config
- Experience with a programming or scripting language such as Ruby, Go, or Python
- Experience performing incident response in the cloud
- Knowledge of network-based, system-level, and application layer attacks and mitigation methods
- Understanding of identity federation, authentication, and authorization controls
- Experience in reviewing or developing infrastructure-as-a-code using Terraform, ansible, CloudFormation or similar
- Experience securing applications deployed within Amazon Web Services (AWS)
- Consistent track record working on mitigating infrastructure security risks
- Proven experience building security infrastructure tools and products
- Experience with vulnerability management in the cloud, ideally in containerized environments
- Experience of working with PCI restricted environments would be a benefit
LOCATION AND COMPENSATION:
This posting is for a full-time, remote, salaried position. ActBlue is currently authorized to support remote work employees in California, Colorado, Florida, Georgia, Hawaii, Illinois, Maryland, Massachusetts, Michigan, Minnesota, New Hampshire, New York, North Carolina, North Dakota, Oregon, Pennsylvania, Rhode Island, South Carolina, Texas, Utah, Vermont, Virginia, Washington, Washington D.C., and Wisconsin.
Salary Range: We offer a competitive salary and a generous compensation package, which includes the benefits listed below:
BENEFITS:
- Flexible work schedules and an unlimited time-off policy
- Fully paid and trans-inclusive health, dental, and vision insurance for employees and their families
- Automatic 2% 401K contribution, plus up to 6% match
- Three months paid parental leave for all new parents, adoptions included; 4 weeks of a fully paid flexible work schedule; plus an additional one week of paid leave and an additional one week of flexible work schedule for every full year the employee has worked for ActBlue
- Commuter or home-office benefits, including a $1,000 home-office setup allowance for all new full-time remote employees
- Additional perks including quarterly snack deliveries and digital subscriptions to the Boston Globe & New York Times
ActBlue is unable to sponsor work visas at this time.
INCLUSION STATEMENT:
Women, people of color, LGBTQIA2S+ individuals, and members of other minority or marginalized groups are strongly encouraged to apply. ActBlue is an equal opportunity employer and does not discriminate against candidates on the basis of race, ethnicity, religion, sex, gender, sexual orientation, gender identity, disability status, or veteran status.
ActBlue is also committed to providing reasonable accommodations to individuals with disabilities throughout the interview and employment process, including using our online system to apply for a position.
OUR ENGINEERING VALUES:
- We believe that ideas are more important than technologies.
- We understand that the tools we build have real-world consequences for millions of people and take that responsibility seriously.
- Security is at the center of everything we do. We are always on the lookout for ways to further harden our platform.
- We know that code isn’t just a set of instructions for machines, but communication with other humans; style, elegance, and respect are important.
- We believe that an ability to balance paying off technical debt and rapidly completing a project contributes to the health of the codebase, engineering team, and organization.
- We believe that being correct isn’t enough; respect for your colleagues and users is fundamental.
*ActBlue will never ask candidates to buy equipment, nor will we email from anything other than an actblue.com or actbluetech.com email address.