Mattermost, one of Y Combinator’s top 100 companies, provides an open source enterprise-grade messaging platform to the world’s leading organizations that allows teams to collaborate securely and privately anywhere. With over 10,000 server downloads / month our customers include Intel, Samsung, Affirm, The US Department of Defense and more. Our private cloud solutions offer secure, configurable, highly-scalable messaging across web, phone and PC with archiving, search, and deep integrations with hundreds of SaaS and on-premises technologies. Headquartered in Palo Alto, California, our company serves customers around the world with a distributed organization spanning the globe.
We value high impact work, ownership, self-awareness and being focused on customer success. If these values match who you are, we hope you’ll learn more about working at Mattermost and come talk to us!
About the Role
Working in open source means your work is publicly visible. Your code will receive both credit and constructive critique from the community. With the right mindset and support these can lead to you a highly positive working environment and making the best engineering decisions of your career. Core committers include highly skilled volunteer developers from the community, staff employed by enterprises deploying and investing in Mattermost, as well as staff employed by Mattermost, Inc.
We are looking for an experienced security engineer to develop, improve and maintain security infrastructure and operations within Mattermost.
- Setup and maintenance of log analysis infrastructure
- Security architecture for infrastructure projects
- Detect and respond to security incidents
- Development and review of company-wide security policies
- Maintenance of company-wide IAM solution
- Setup and maintenance of incident response and forensic toolkit
- Bachelor’s degree in Computer Science or related fields, or significant professional software development experience
- 2+ years of demonstrated experience in web or cloud security engineering, log aggregation, and/or penetration testing
- Experience with log analysis systems
- Experience with AWS, GCP and/or Azure
- Experience with identity and access managementIn-depth knowledge of Linux systems
- Excellent written and verbal communication skills
- Demonstrable teamwork skills and resourcefulness
- Knowledge of common application security vulnerabilities and their mitigations
- Experience with infrastructure automation and software delivery
- Certifications in the domain of penetration testing, incident response or computer forensics (e.g. OSCP, GCIH, GCFA, …)
- Familiarity with Kubernetes and Docker
- Experience working in open source communities
To apply for this job please visit jobs.lever.co.