Senior Staff Security Engineer

　　Senior Staff DevSecOps Engineer

　　Product Software, Data Center Services

　　Equinix is the world's digital infrastructure company. We interconnect industry-leading organizations such as finance, manufacturing, retail, transportation, government, healthcare and education across a digital-first world. Business leaders harness our trusted global data center services platform to bring together and interconnect the foundational infrastructure that powers their success-sustainably and securely. With a presence in more than 50 markets worldwide, We provide cutting-edge solutions that enable companies to accelerate their digital transformation and thrive in today's interconnected world.

　　Job Description

　　If you worked in application development and operations, have experience in at least one programming language, software security is your passion, DevOps work culture excites you then you are our perfect candidate. You will become a part of a world-class product engineering team that's responsible for development of key Equinix products. We build highly scalable, globally distributed software, using modern technology stack, cloud, microservices architecture, real-time and near-real-time stream processing, API-first approach and focusing on the product quality and processing SLA. This can make you a part of the world-class product engineering team that's paving the path for new ways for enterprises to consume ever increasing data center services.

　　Job Summary

　　This role is technical, hands-on, engineering role for security specialists knowing Java and having experience with distributed, highly automated environment or a developer understanding security and open to learn new things. Your responsibility will be reducing risk and improving security posture by analyzing vulnerabilities and implementing remediations while working within software engineering teams including both software development and operations.

　　Responsibilities

　　Engage with Product Engineering in design, implementation, and maintenance of the build/release process.Collaborate with Product Engineering to integrate security practices into software development process, ensuring secure coding standards, design principles, and threat mitigation strategies are followed.Work with Product Engineering to grow their knowledge and adopt tools to be self-sufficient while working with infrastructure.Contribute to development and maintenance of tools enabling infrastructure as a code.Engage in incident resolution, build mitigation plans of owned applications.Audit, analyse and test security - SAST, DAST, penetration testing.Improve security and compliance controls in support of DevOps processes.Collaborate with internal stakeholders to address security requirements and enhance security awareness across the organization.Contribute to development and maintenance of security policies, procedures, and guidelines that align with industry best practices and regulatory requirements.Actively research and keep abreast of the latest security threats, vulnerabilities, and industry best practices, and apply this knowledge to continuously improve our security strategies.

　　Qualifications

　　Software Engineering

　　You have at least 5+ years work experience in Product Engineering organization in a medium or large corporate environment.You are familiar with cloud-based application development, understanding of Java eco-system (Spring/Play/Hibernate) and/or JavaScript (React/Angular/Ember), HTML5/CSS3, Node.JSYou have experience in Agile software delivery methodology.You have experience setting up and maintaining CI/CD pipelines.You have DevOps experience (nice to have)

　　Infrastructure configuration and management

　　You have experience in running and monitoring production systems utilizing microservices and distributed systems architecture at scale with observability.You know how to build and operate Docker containers.You have experience with defining and managing applications that operate on orchestration platforms like Kubernetes.You have working experience with service mesh configuration (nice to have)You have a background in workload based on cloud-based system with at least one of the leading public cloud platforms (AWS/Azure/GCP - nice to have)

　　API Gateway Engineering (nice to have)

　　You understand common API concepts and standards as well as aspects of data storage, service status and session handling.You are familiar with API management system for high availability, resilience, and recovery.You know how to deploy, configure, tune, and monitor API GatewaysYou know how to apply API policies and standards for security and standarization of an enterprise.

　　Application security

　　You understand security principles, secure coding practices, and common security vulnerabilities (OWASP Top 10, CWE, etc.).You have knowledge in areas of network protocols, web application security, and data protection mechanisms.You can identify, report & drive fixing vulnerable libraries/packages in Java, JavaScript, messaging frameworks and workflow engines.You have knowledge of authentication and authorization technologies and methods (SAML, HMAC, OAuth, OIDC etc)You have experience with WAF (nice to have)You understand compliance frameworks like PCI, ISO, GDPR and SOC (nice to have)

　　Additional expectations

　　Curiosity and ability to learn new tools.Talent multiplier who gets the team around them to excel.Experience debugging complex problems.Persistence, creativity and drive to relentlessly get excellent results.English on a level that lets you work efficiently and discuss complex technical topics.Experience in working with people from diverse cultures spread across the globe in different time zones (nice to have)Alignment to company values known as Magic of Equinix https://blog.equinix.com/blog/2017/07/06/a-companys-culture-is-critical-can-you-define-yours/

　　Equinix is committed to ensuring that our employment process is open to all individuals, including those with a disability. If you are a qualified candidate and need assistance or an accommodation, please let us know by completing this form.

　　Equinix is an Equal Employment Opportunity and, in the U.S., an Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to unlawful consideration of race, color, religion, creed, national or ethnic origin, ancestry, place of birth, citizenship, sex, pregnancy / childbirth or related medical conditions, sexual orientation, gender identity or expression, marital or domestic partnership status, age, veteran or military status, physical or mental disability, medical condition, genetic information, political / organizational affiliation, status as a victim or family member of a victim of crime or abuse, or any other status protected by applicable law.