Overleaf Enterprise
Infrastructure & Security Operations Engineer
Overleaf Enterprise, Little Ferry, New Jersey, us, 07643
Infrastructure & Security Operations Engineer
Department:
TechnicalEmployment Type:
Full TimeLocation:
USA, Remote
Description
About us
We are
Digital Science
and we are advancing the research ecosystem.
We are a pioneering technology company, and our vision is of a future where a trusted and collaborative research ecosystem drives progress for all. We believe in better, open, collaborative and inclusive research. In creating the next generation of tools and working in partnership with the community we tackle some of the biggest challenges to research. In order to achieve our vision, we need innovative, inspiring and dynamic people to join our team. Want to join us?
Your new role
As an Infrastructure & Security Operations Engineer, you will be part of our wider Information Security team. Implementing and operating a secure cloud environment and the security controls protecting it.
This role partners with several areas of Digital Science and adds value through delivering and operating a robust secure hosting environment operating within a compliance framework which meets our ever evolving customer compliance requirements. You will be a founding member of a new sub-team, primarily responsible for the delivery and maintenance of compliance specific to large, US (Federal) customers with enhanced security and privacy requirements.
This role (due to Federal requirements) can only be satisfied by a “US citizen, US national, or US person” and additional checks may be required.What you’ll be doingWork as part of a newly-formed, dedicated team responsible for US Federal customers
Implement and manage database and application infrastructure within AWS (GovCloud)
Work with the stakeholders from across the group, our customer-base and third-party vendors/partners, to embed and enhance security for products, services and business units under your purview.
Implement and manage controls across several frameworks including FedRAMP and NIST primarily.
Identifying and mitigating risks, utilising governance, risk and compliance tooling to map to DS policies and procedures while operating the environment(s) under the role
Implementing policies and procedures in order to align with DS policies while satisfying the needs of additional frameworks including FedRAMP and NIST
Monitoring compliance as required to maintain the FedRAMP authority to operate at the appropriate level
Participating in audits and assessments in advance of the external audits required
What you’ll bring to the roleYou have relevant work experience with AWS services (e.g. EC2, S3, VPC, Route53, RDS, EKS) alongside network and information security.
You have relevant work experience with application containers and container orchestration technologies (e.g. kubernetes, docker)
You have used infrastructure as code tools (e.g. terraform)
You have database infrastructure experience with PostgreSQL, Apache Solr and MongoDB.
You have experience setting up and maintaining continuous integration and continuous deployment pipelines at scale and in Production.
You have operated within a highly regulated/secure compliance environment such as FedRAMP (to at least ‘moderate’ level) or DoD IL4 with an understanding/experience of NIST-800 (53 and 218 at a minimum).
You have a good understanding of ISO/IEC 27001 and 27701
You’re highly organised and have the ability to work on intricate details without losing the big picture
You’ll be a good communicator and comfortable communicating with people at all organisational levels and contributing to conversations around recommendations for improvements
You have a collaborative approach to how you work and ensure all groups are communicated with and understand your process and approach
You’re a self learner and have an inquisitive mind
You’re resourceful and solutions focussed, making practical considerations for all groups involved
You’re a natural problem solver and have strong analytical skills
Bachelor degree in Computer Science or a related field, and/or equivalent Information Security related certifications (such as CISSP).
Living our Values
We invest in, nurture and support innovative businesses and technologies that make all parts of the research process more open, efficient and effective.
The talent we secure is fundamental to us achieving our vision and our growth plans. The values we live by are:
We are
brave in the pursuit of betterWe are
collaborative and inclusiveWe are
always open-mindedWe are
from and for the community
We're an equal opportunity employer. All applicants will be considered for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status
Additional Information
Please note that, in light of vaccination mandates for US Government contractors, Digital Science requires that all US-based employees are fully vaccinated against COVID-19, subject to approved accommodations.#J-18808-Ljbffr
Department:
TechnicalEmployment Type:
Full TimeLocation:
USA, Remote
Description
About us
We are
Digital Science
and we are advancing the research ecosystem.
We are a pioneering technology company, and our vision is of a future where a trusted and collaborative research ecosystem drives progress for all. We believe in better, open, collaborative and inclusive research. In creating the next generation of tools and working in partnership with the community we tackle some of the biggest challenges to research. In order to achieve our vision, we need innovative, inspiring and dynamic people to join our team. Want to join us?
Your new role
As an Infrastructure & Security Operations Engineer, you will be part of our wider Information Security team. Implementing and operating a secure cloud environment and the security controls protecting it.
This role partners with several areas of Digital Science and adds value through delivering and operating a robust secure hosting environment operating within a compliance framework which meets our ever evolving customer compliance requirements. You will be a founding member of a new sub-team, primarily responsible for the delivery and maintenance of compliance specific to large, US (Federal) customers with enhanced security and privacy requirements.
This role (due to Federal requirements) can only be satisfied by a “US citizen, US national, or US person” and additional checks may be required.What you’ll be doingWork as part of a newly-formed, dedicated team responsible for US Federal customers
Implement and manage database and application infrastructure within AWS (GovCloud)
Work with the stakeholders from across the group, our customer-base and third-party vendors/partners, to embed and enhance security for products, services and business units under your purview.
Implement and manage controls across several frameworks including FedRAMP and NIST primarily.
Identifying and mitigating risks, utilising governance, risk and compliance tooling to map to DS policies and procedures while operating the environment(s) under the role
Implementing policies and procedures in order to align with DS policies while satisfying the needs of additional frameworks including FedRAMP and NIST
Monitoring compliance as required to maintain the FedRAMP authority to operate at the appropriate level
Participating in audits and assessments in advance of the external audits required
What you’ll bring to the roleYou have relevant work experience with AWS services (e.g. EC2, S3, VPC, Route53, RDS, EKS) alongside network and information security.
You have relevant work experience with application containers and container orchestration technologies (e.g. kubernetes, docker)
You have used infrastructure as code tools (e.g. terraform)
You have database infrastructure experience with PostgreSQL, Apache Solr and MongoDB.
You have experience setting up and maintaining continuous integration and continuous deployment pipelines at scale and in Production.
You have operated within a highly regulated/secure compliance environment such as FedRAMP (to at least ‘moderate’ level) or DoD IL4 with an understanding/experience of NIST-800 (53 and 218 at a minimum).
You have a good understanding of ISO/IEC 27001 and 27701
You’re highly organised and have the ability to work on intricate details without losing the big picture
You’ll be a good communicator and comfortable communicating with people at all organisational levels and contributing to conversations around recommendations for improvements
You have a collaborative approach to how you work and ensure all groups are communicated with and understand your process and approach
You’re a self learner and have an inquisitive mind
You’re resourceful and solutions focussed, making practical considerations for all groups involved
You’re a natural problem solver and have strong analytical skills
Bachelor degree in Computer Science or a related field, and/or equivalent Information Security related certifications (such as CISSP).
Living our Values
We invest in, nurture and support innovative businesses and technologies that make all parts of the research process more open, efficient and effective.
The talent we secure is fundamental to us achieving our vision and our growth plans. The values we live by are:
We are
brave in the pursuit of betterWe are
collaborative and inclusiveWe are
always open-mindedWe are
from and for the community
We're an equal opportunity employer. All applicants will be considered for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status
Additional Information
Please note that, in light of vaccination mandates for US Government contractors, Digital Science requires that all US-based employees are fully vaccinated against COVID-19, subject to approved accommodations.#J-18808-Ljbffr