Pandora is looking for a Senior level security engineer who is driven to ensure the security and integrity of Pandora’s hybrid cloud environments, IS/IT assets, users, and employees.
The successful candidate will lead on the architecture, and take ownership of the technical implementation, for Pandora’s security infrastructure.
This role will help to identify trends and techniques in malware, hacker methodologies, system vulnerabilities, and key indicators of potential system exploits. There will be an excellent opportunity to work across a vast and complex system of infrastructure and software to ensure Pandora’s defense in depth.
SIEM design, operation and analysis
Take a proactive role in identifying and mitigating potential threats across the production and corporate infrastructures
Perform detailed forensics for security related incidents
Experience with security related anomaly detection and mitigation
Maintain an expert level of understanding of the latest trends with Nation State Actors, Hacktivism, Botnets, and Exploits
Work with the Compliance and Policy teams to ensure operational efforts are in line with Compliance and Policy standards (SOX, PCI)
Maintain a secure environment while enabling CI/CD and Agile development strategies for our developers.
5+ years of experience in a security related position.
Experience with hybrid cloud infrastructures (GCP, AWS, Azure, on-prem)
Mastery of one or more programming languages (Python, Java, Go, C++)
Experience detecting and mitigating attacks on high-volume, public-facing websites
Strong knowledge of Enterprise Security paradigms including Cloud and on-prem services (AD, LDAP, SAML, SAAS)
Strong knowledge of current cryptographic technologies
Experience advocating for Business Continuity and Security in a production and corporate IT environment
Deep understanding of current automation trends (Ansible, Chef, Puppet)
5+ years of Linux, Unix, Windows, or Network administration
Strong understand of DPI firewalls, VPNs, and SSO Gateways
Strong written and oral communication skills; the candidate must be able to clearly educate the business to known and potential threats.
Experience consuming RESTful APIs for custom tooling, monitoring, and automation.
Working knowledge of DDoS detection and mitigation strategies