Skip To Content
Groupon Tech and Product Team
R26768

DevOps Engineer, Cloud Security

Description

Open to Remote Anywhere in the U.S

Groupon is an experiences marketplace that brings people more ways to get the most out of their city or wherever they may be. By enabling real-time mobile commerce across local businesses, live events and travel destinations, Groupon helps people find and discover experiences––big and small, new and familiar––that make for a full, fun and rewarding life. Groupon helps local businesses grow and strengthen customer relationships––resulting in strong, vibrant communities. Even with thousands of employees spread across multiple continents, we still maintain a culture that inspires innovation, rewards risk-taking and celebrates success.

Groupon’s Information Security team is seeking a sharp Information Security engineer with a background in designing and implementing security solutions in cloud environments such as AWS.  This position is best suited for an experienced Information Security Engineer with a strong proven understanding of AWS native products and functionality along with other technologies and best practices for cloud security. Primary responsibilities will be determining the interaction between the various layers of applications and platforms running in AWS and creating a cohesive layered security strategy for securing them. This candidate will liaison with other cloud-focused infrastructure, operations, and DevOps teams within Groupon to ensure the safety of Groupon’s information systems assets, and customer data, and to protect systems from unauthorized access and abuse.

This Information Security Engineering position will initially focus on the design, configuration, deployment, and management of cloud security across a diverse team of infrastructure teams, software engineers, and system architects.  This position will be tasked with working with these teams to determine and implement an optimal set of security controls in the cloud. Additional responsibilities include the ability to analyze and perform event correlation, create dashboards and reporting content, troubleshoot, and remediate issues.

This role will also encompass systems and mechanisms used for host-based intrusion detection and prevention systems and in particular their cloud-native equivalents.  The candidate will have knowledge of functionality such as Cloudtrail, GuardDuty, and Macie, and will be able to integrate events and alerts from them into existing industry-standard EDR and/or SIEM solutions. Though the initial project focus will be cloud security focused, this position can expand into other technical information security projects and team responsibilities over time.  If you see yourself as an InfoSec professional and are looking to really expand your knowledge and experience, this is the position for you.

We're a "best of both worlds" kind of company. We're big enough to have resources and scale, but small enough that a single person has a surprising amount of autonomy and can make a meaningful impact. We're curious, fun, a little intense, and kind of obsessed with helping local businesses thrive. Does that sound like a great way to grow your career? Let's get into the details:

 

You’ll spend time on the following:

  • Act as the Subject Matter Expert (SME) for security in the cloud within Groupon

  • Experience working as a peer to technical leaders in engineering disciplines such as platform architecture, software development, network, and system administration

  • Experience with change control policy and procedures

  • Provide technical and operational security support to IT, Engineering, Legal, and business units

  • Maintain knowledge of the latest active security threats

  • Implement analytics-driven rules to enhance and maintain visibility for the Information Security team across endpoint & cloud network activity and audit logs

  • Effectively work across a geographically distributed team environment

  • High degree of self-sufficiency, ownership, and pride of deliverables

  • Perform technical security assessments against internal and external facing systems using open source and commercial tools

  • Implement new security technologies as required to support a dynamic/challenging business environment

  • Assist in the maintenance/development of security policies and procedures

 

We’re excited about you if you have:

  •  Bachelor’s Degree preferred

  • 5+ years of Information Security experience, in a highly technical hands-on environment

  • Experience building and deploying applications running on/in Amazon Web Services and Google Cloud Platform

  • 2+ years of experience securing applications in cloud environments such as AWS and GCP

  • 2+ years experience with Terraform and other cloud automation-enabling tools such as CloudFormation

  • Experience with scripting (Python, Bash) and tooling such as Calico and Sysdig

  • Hands-on experience designing usage and implementation of cloud-native technologies

  • Hands-on experience with containerized applications running in a Kubernetes environment

  • Functional ability as a Linux sysadmin with scripting experience

  • Strong knowledge of networking and web-related protocols (e.g., TCP, UDP, IPSEC, HTTP, HTTPS, network routing protocols)

  • Experience working with many network security controls (Routers, Firewalls, Proxies, ACL’s, Wireless networking protocols), in particular, their cloud-native equivalents

  • Professional security certifications are nice-to-have but not required

  • Cursory knowledge of PCI, SOX 404, GDPR, and other regulations/standards 

#LI-Remote


Das Ziel von Groupon ist es, starke Gemeinschaften durch florierende kleine Unternehmen aufzubauen. Klicken Sie bitte hier, um mehr über den weltgrößten lokalen E-Commerce-Marktplatz und die neuesten Nachrichten rund um Groupon zu erfahren. Werfen Sie außerdem einen Blick auf die Werte, welche unsere Kultur prägen, unsere Strategie leiten und unser Unternehmen zu einem großartigen Arbeitsplatz machen. Und verlassen Sie sich nicht nur auf unser Wort. Erfahre mehr von Groupon-Teammitgliedern, entdecke unsere Mitarbeitergruppen und erhalte einen Einblick in unsere Leistungen. Sollte sich all das nach etwas Passendem für Sie anhören, dann klicken Sie auf „Anmelden“ und überzeugen Sie sich selbst davon, wohin uns das führt.

Groupon is an Equal Opportunity Employer

Die Eignung für eine Beschäftigung, Beförderung und andere Beschäftigungsbedingungen basiert auf der Leistung am Arbeitsplatz. Es besteht Chancengleichheit für alle Bewerber, ohne Bezug auf die ethnische Herkunft, den Glauben, die Religion, die Hautfarbe, das Alter, die Nationalität, die Herkunft, das Geschlecht, eine Behinderung, den Gesundheitszustand, die sexuelle Orientierung, die Geschlechtsidentität oder geschlechtliche Darstellung, genetische Informationen, Abstammung, Familienstand, militärischen Entlassungsstatus (exklusive unehrenhafter Entlassung), Veteranenstatus, Staatsangehörigkeitsstatus oder einen anderweitig rechtlich geschützten Status. Wir sind alle dafür verantwortlich, diese Richtlinien einzuhalten. Wenn Sie Bedenken hinsichtlich der Chancengleichheit bei Groupon haben, können Sie sich an Ethicspoint, Groupons Ethical Reporting Service, wenden.

Bleibe in der Gruppe

Du findest nicht das Richtige für Dich, oder es ist nicht der richtige Zeitpunkt für eine Bewerbung? Melde Dich für unsere Talent Community an und bleibe auf dem Laufenden über Karrieren bei Groupon.

Schließe Dich jetzt an!