Senior Security Engineer, Security Assurance (Remote, Canada EST)
Canada (Remote)
About the team
The Security team advances Grafana’s overall security posture through critical initiatives and coordination of large security projects. We build technologies, tools, and processes to enable engineering squads to better develop secure software, protect customer and employee data, deploy systems with appropriate security controls, and securely operate a remote workforce.
We are building a security system that’s automated at scale, rigorously data-driven, and built from the ground up with defense-in-depth and self-healing in mind. This system will support a highly autonomous, remote-first, cloud-native organization. We’re taking the best of open-source and commercial tooling and making them talk to each other to arrive at some very special outcomes. We also want to open-source as much of our work as possible to security practitioners.
To support our growth and ambitious vision, we embrace agile principles and values, share openly, apply context-driven security mechanisms, default to action, and have an OSS-first mindset. We are a 100% remote company.
For all that, we believe absolutely in agreeing on high-velocity but reasonable expectations and timeframes and giving people the room to do great work in a setting that prioritizes health, happiness, and work-life balance.
Role
The Senior Security Assurance Engineer will collaborate across all of Grafana with a wide range of teams in engineering, security, cloud platforms, information technology, vendor management, and other stakeholders to articulate security policies, implement continuous monitoring, automate workflows, and configure alerts on policy failures.
A deep knowledge of security standards and frameworks (ISO, FedRAMP, PCI-DSS, etc) is essential for this role, you should also have provable experience automating security posture management, automating repetitive processes, and maximizing the suite of Grafana products to build self-serve security posture observability. You will work alongside other security engineers, full-stack developers, and customer-facing teams.
Ideally, you would be familiar with operating in a cloud-native, remote organization. This is an opportunity to help implement a security strategy and build the underlying platforms and workflows.
You will get to work on expanding the capabilities of our asset intelligence and governance program, security posture monitoring, compliance automation, customer security observability automation, and supplier security monitoring. Think about all the layers to build observability for system uptime, but now extending that to other layers of security that impact confidentiality and integrity (encryption, access control, incident response, etc.).
While deep knowledge of security standards and frameworks is …
This job isn't fresh anymore!
Search Fresh JobsJob Profile
Remote
Benefits/PerksBonus Equity Other benefits Other benefits listed Remote-first company Remote work Work-life balance
Tasks- Automate workflows
- Collaborate across teams
Access Control Agile principles AI Automation AWS Azure Cloud Cloud native Cloud platforms Cloud Security Collaboration Compliance Customer-facing Cybersecurity Dashboards Design Encryption Engineering FedRAMP GCP Governance Frameworks Grafana Grafana Cloud Grafana products Incident Response Information security Information Technology ISO Jira Kubernetes Logs Loki Metrics Mimir Monitoring Observability Open Source Operations OSS PCI DSS Security standards Self-Healing SQL Strategy Support Tempo Traces Vendor Management Visualization
Experience5 years
EducationBusiness Computer Science Engineering Equivalent experience
TimezonesAmerica/Edmonton America/Moncton America/Regina America/St_Johns America/Toronto America/Vancouver UTC-3 UTC-4 UTC-5 UTC-6 UTC-7 UTC-8