Cloud Security Engineer

We are looking for people that believe in the PandaDoc culture and are ready to develop secure, reliable, and scalable product solutions within our fast-growing business.

Are you adaptable, driven, and friendly? Do you thrive in a fast-paced work environment where collaboration is the norm? If the answer is yes, then you’re a Panda and we want you to join our team.

PandaDoc is looking for talented Security Engineers focused on Security Operations activities to join the Security team. SecOps engineers focused on enabling Product teams in streamlining incident management and vulnerability management processes.

As a cloud security engineer at PandaDoc, you will focus on securing our AWS infrastructure using AWS-native and third-party security tools. You will work closely with various engineering teams to identify cloud infrastructure vulnerabilities and implement new security controls to safeguard our environment.

In this role, you will:

• Monitor and test information systems to identify vulnerabilities
• Execute or manage remediation of identified vulnerabilities
• Respond to security incidents and perform root cause analysis
• Assess and understand PandaDoc’s current security framework and future architecture, providing recommendations for risk reduction
• Design, implement, maintain, and evangelize automated security solutions
• Work closely with DevOps and SRE teams to implement new security controls
• Analyze and monitor relevant security threats and prevention measures based on industry trends and standards
• Perform cloud services hardening, including reviewing roles and permissions for services and APIs

Our stack:

• Service-oriented architecture
• Two main stacks: Java and Python
• Message queues: NATS, Kafka, and RabbitMQ
• Amazon Web Services: EKS, RDS, ElastiCache, etc.
• Combination of AWS native and 3rd party security tools for infrastructure and application security'

About you:

• 2+ years of cloud security experience implementing security controls and best practices in AWS, GCP, or Microsoft Azure
• 2+ years of experience with security management tools, including IDS/IPS, WAF, SIEM, vulnerability scanning, and penetration testing
• Good understanding of Access Control and Identity Access Management principles (SAML 2.0, OAuth, JWT, etc) 
• Experience with implementing DevSecOps practices in SSDLC
• Solid interpersonal, written, and verbal communication skills
• Upper-Intermediate English level (B2+)

Benefits:

• An honest, open culture that emphasizes feedback and promotes professional and personal development
• An opportunity to work from anywhere — our team is distributed worldwide, from Minsk to Manila, from Florida to California
• An annual personal budget for educational classes, conferences, etc. — anything to further your professional knowledge
• A competitive salary
• And much more!

Company Overview: 

PandaDoc empowers more than 30,000 growing organizations to thrive by taking the work out of document workflow. PandaDoc provides an all-in-one document workflow automation platform that helps fast scaling teams accelerate the ability to create, manage, and sign digital documents including proposals, quotes, contracts, and more. For more information, please visit https://www.pandadoc.com.

Company Culture: 

We're known for our work-life balance, kind co-workers, & creative virtual team-bonding events. And although our Pandas are located across the globe, we stay connected with the help of technology and ensure that everyone on our team feels, well, like a team.

Pandas work best when they're happy. We retain our talent by upholding our values of integrity & transparency, and selling a product that changes the lives of our customers. 

Check out our LinkedIn to learn more.