Security Engineer

Veeva Systems Columbus , OH 43216

Posted 3 months ago

At Veeva, we build enterprise cloud technology that powers the biggest names in the pharmaceutical, biotech, consumer goods, chemical & cosmetics industries. Our customers make vaccines, life-saving medicines, and life-enhancing products that make a difference in everyday lives. Our technology has transformed these industries; enabling them to get critical products and services to market faster. Our core values, Do the Right Thing, Customer Success, Employee Success, and Speed, guide us as we make our customers more efficient and effective in everything they do.

The Role

As the Security Engineer, you will focus on the evaluation, architecture, development, deployment, and operation of incident response, security monitoring, intrusion prevention, systems hardening, and vulnerability and malware prevention. We frequently work with other teams at Veeva, and look externally to partner with unique and innovative security companies.

What You'll Do

  • Design, build and maintain endpoint security, vulnerability analysis, incident response, security event management, security policy enforcement.

  • Design, build and maintain network security including network/firewall access control policies, runtime application self-protection, web application firewall, intrusion prevention, malware detection

  • Build complete security solutions by integrating off-the-shelf and custom security tools through APIs and custom code

  • Lead Incident response, from discovery, through containment, response through to reporting

Requirements

  • Bachelor's degree or higher in relevant field

  • Experience in Log Management, Security Event Correlation and any SIEM technology

  • Expertise in Incident Response technologies and Signature Development & analysis of false positive alerts

  • 2+ years of experience in a Security Operations, Incident Response & Forensics or Security Architecture role

  • Understanding of the TCP/IP Stack, Web-Application Architecture, Encryption fundamentals & OWASP Top 10

  • Experience with vulnerability assessment of Linux/Windows/Mac operating systems and determining contextual risk to Veeva

  • Expertise with Host operating systems (Linux, Windows, Mac)

  • Experience with Python/Perl or other scripting languages for automation

  • Strong written and verbal communication skills

  • Able to take ownership and set direction in gray areas

  • A burning desire to grow in both engineering and security expertise

Nice to Have

  • Experience in web application assessment tools such as Burp Proxy, Metasploit, Nessus, etc.

  • Experience with AWS security design and tools

  • Experience with log analytics and writing security alert queries

  • Experience with systems administration (RHEL7, Windows Server)

  • Experience in Web-Application & Network penetration testing

  • Experience with Atlassian/JIRA development

  • Experience with User Directory systems (e.g. AD or other LDAP directories).

  • Experience with Federated Identity Solutions (SSO/SAML).

  • Desire to identify and implement automation opportunities

  • Able to work independently or with a team

  • Able to multi-task and deliver consistently on deadlines

  • Able to give training and communicate vulnerabilities to developers/managers

  • OSCP certification, CISSP certification

Perks & Benefits

  • Flexible PTO

  • Allocations for continuous learning & development

  • Health & wellness programs

Veeva's headquarters is located in the San Francisco Bay Area with offices in more than 15 countries around the world.

Veeva is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity or expression, religion, national origin or ancestry, age, disability, marital status, pregnancy, protected veteran status, protected genetic information, political affiliation, or any other characteristics protected by local laws, regulations, or ordinances.


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Endpoint Security / Malware Prevention Engineer

Jpmorgan Chase & Co.

Posted 5 days ago

VIEW JOBS 8/20/2019 12:00:00 AM 2019-11-18T00:00 Endpoint Security / Malware Prevention Engineer Req #: 190062730_1 Location: Columbus, OH, US Job Category: Technology Job Description: As an experienced Infrastructure Development professional, your mission is to help lead our team of innovators and technologists toward creating next-level solutions that improve the way our business is run. Your hands-on knowledge in system design, application development, testing and operational stability will help your team deliver high quality products. You'll be instrumental in solving more difficult technical issues, developing integration elements, building data models, APIs, and open 3rd-party SDKs. You'll see your ideas come to life as part of a small, success-driven team. Your quest to embracing leading-edge technologies and methodologies inspires your team to follow suit. And best of all, you'll be able to harness massive amounts of brainpower through our global network of technologists from around the world to tackle big challenges. The Endpoint Security / Malware Prevention Engineer will design, develop, test and implement security solutions for our endpoint estate including, but not limited to, corporate end-user endpoints, servers, Automated Teller Machines (ATMs) and retail branch equipment. The successful candidate will work within the Security Engineering team, in partnership with the firm's Architecture, Security Operations and Lines of businesses, in a hands-on environment. He/she will work with numerous and varied applications and perform deployment, administration, management, configuration, testing, and integration tasks related to the firm's enterprise security platform; develop, implement, and execute standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the firm's enterprise security platform; provide technical inputs to management during proof-of-concept reviews for new security products; provide technical guidance to the Security Operations Center and/or the lines of businesses during investigations or incident response. This role requires a wide variety of strengths and capabilities, including: * BS/BA degree or equivalent experience * Provide technical expertise throughout the software lifecycle including design, implementation and delivery. * Understanding cloud, virtualization, APIs, and modern software languages * Software development experience in one or more general purpose programming languages: Python, Bash, and/or Powershell * Experience with developing frameworks that helps increasing developer and release velocity, improving code health and technical standards * Advanced experience working with two or more from the following: web application development, database, unix/linux environments, distributed and parallel systems, information retrieval, networking, large scale software development, security software development * Understanding or have experience with agile and lean philosophies * Strong critical thinking and problem solving skills with clear communication * Ability to collaborate with different roles to achieve common goals * Deep technical knowledge of Malware to include prevention, and reverse engineering, as well as knowledge of Endpoint Detection and Response (EDR) technologies and experience in designing, developing, testing, deploying and maintaining Endpoint Security solutions for servers, databases, laptops, physical & virtual desktops. * Security platform or endpoint engineering experience within a large-scale global enterprise * Proficient in one or more of the following scripting languages: PowerShell, Python, Bash The Cybersecurity & Technology Controls group at JPMorgan Chase aligns the firm's cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group's number one priority is to enable the business by keeping the firm safe, stable and resilient. When you work at JPMorgan Chase & Co., you're not just working at a global financial institution. You're an integral part of one of the world's biggest tech companies. In 15 technology centers worldwide, our team of 50,000 technologists design, build and deploy everything from enterprise technology initiatives to big data and mobile solutions, as well as innovations in electronic payments, cybersecurity, machine learning, and cloud development. Our $11B annual investment in technology enables us to hire people to create innovative solutions that are transforming the financial services industry. At JPMorgan Chase & Co. we value the unique skills of every employee, and we're building a technology organization that thrives on diversity. We encourage professional growth and career development, and offer competitive benefits and compensation. If you're looking to build your career as part of a global technology team tackling big challenges that impact the lives of people and companies all around the world, we want to meet you. Jpmorgan Chase & Co. Columbus OH

Security Engineer

Veeva Systems