Information Security Analyst
At Imply, we are on a mission to help developers become the new heroes of analytics. Our unique database, built from Apache Druid, enables them to develop the next generation of analytics applications. With Imply, developers can build without constraints as our database lets them create interactive data experiences on streaming and batch data with limitless scale and at the best economics.
Backed by leading investors including a16z and Bessemer Venture Partners, Imply is on a fast growth trajectory - disrupting the $100B database market - with customers including Salesforce, Reddit, and Intercontinental Exchange. Come join our team of disruptors, pioneers, and innovators!
The Information Security Analyst is responsible for planning and carrying out security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks. They are well rounded, well organized, and thrive in fast-paced, high-stress scenarios. This is a diverse role working across various teams to research, validate, and model current and emerging threats and vulnerabilities. In this role you will leverage enterprise tools to research and validate findings from vulnerability scans and network penetration tests. Additionally, you will coordinate and monitor remediation efforts with other business units embracing a culture of partnership and teamwork.
- Perform security assessments of Imply systems, applications, and infrastructure providing written reports and recommendations for management review
- Monitor and maintain security posture of production infrastructure by identifying and remediating vulnerabilities on an ongoing basis
- Perform and review vulnerability assessments (including DAST and SAST)
- Build and maintain security tools with an emphasis on automation
- Liaise with internal and external stakeholders to ensure security and compliance of all Imply owned computing systems and applications
- Review and suggest enhancements to SDLC and CI/CD processes
- Build threat models and security reporting tools
- Keep current with the latest news and events surrounding cyber threats and security, while assisting fellow employees with cybersecurity needs
- Support additional Information Security projects as needed
- Experience in public cloud is required (GCP, AWS, Azure)
- 2+ years of experience in Cyber Security roles with a preference in engineering
- Experience work with software development or devops teams
- Experience in systems or network administration
- Experience working with industry standard regulations and compliance frameworks (PCI-DSS, ISO, NIST, SANS, SOX, SOC II, HIPAA)
- Proficiency in a wide range of public cloud technologies (ex. AWS EC2, EKS, EBS, RDS, S3, etc)
- Proficiency in Infrastructure as Code (IaC) technologies such as Cloudformation or Terraform
- Comfortable working in a fast-paced environment
- Critical thinking skills and the ability to solve problems as they arise
- Basic coding skills, such as Java, Python and other languages
- Knowledge of system security vulnerabilities and remediation techniques
- Excellent written and verbal communication skills
- CISSP, CISM, CISA, CEH, OSCP, or similar certifications
- Experience and knowledge in developing systems and configuring security postures
- Experience in two or more of the following technical areas: Virtualization, Cloud Computing, Database Management, Software Development, Integration, Static and Dynamic Code Analysis, DevOps/DevSecOps with emphasis on security testing in CI
- You’ve used and are familiar with leading cloud-based tools
- Understanding of the legal world, contracts, and how it all works
- Understanding of the current Privacy landscape and regulations in-place
What we offer:
- 100% Paid Medical, Dental and Vision Benefits
- 401(k) Program
- Fertility Coverage Option
- Pet Insurance
- Dependent Care FSA
- Mental Health Support
- Life and AD&D Insurance
- Unlimited Paid Time Off - USA Only
- Wellness Stipend
- Home Office Equipment Reimbursement
- Pre-Tax Commuter Benefits
Individual compensation will be determined based on the candidate's experience and qualifications aligned with Imply’s internal levelings guidelines and benchmarks. The below range encompasses roles with on target earnings. This role is also eligible to participate in Imply’s equity plan subject to the terms of the applicable plans and policies.
Compensation: $80,000 - $170,200
Don’t meet every single requirement? Studies have shown that certain minority groups are less likely to apply to jobs unless they meet every qualification. At Imply, we are dedicated to building a diverse, inclusive and authentic workplace. If you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyways. You may be just the right candidate for this or for other roles in the future.
Imply is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, color, gender identity or expression, marital status, national origin, disability, protected veteran status, race, religion, pregnancy, sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.
Attention: Imply Applicants
Due to reports of phishing, we’re requesting that all Imply applicants apply through our official Careers page at imply.io/careers. All official communication from Imply will come from email addresses ending with @imply.io.