Smartsheet
Security Engineer II
Smartsheet, Bellevue, Washington, us, 98009
Smartsheet is a tech company with a human story to tell. We're here to empower teams to manage projects, automate workflows, and rapidly build new secure solutions, using simple no-code tools. We're revolutionaries - so for us changing the way the world works is all in a day's work.Cyber Security is an integral part of Smartsheet's corporate culture. At Smartsheet, we believe that it is the responsibility of each and every employee to safeguard information, protect it from unauthorized access, and ensure regulatory compliance. Cyber Security has a significant effect on privacy, consumer trust, external reputation, and it is a priority on every team's agenda.We are seeking a motivated and detail-oriented Security Engineer to join our team who shares our passion in ensuring our customer data and the Smartsheet platform/service is protected and secured. In this role, you will support development teams with the implementation of Smartsheet's security best practices, ensuring that our applications and infrastructure are secure from the ground up. You will work closely with microservice DevOps teams to automate security processes and manage cloud infrastructure.You will report to our Senior Manager, Security Engineering located in our Bellevue, WA office, or you may work remotely from anywhere in the US where Smartsheet is a registered employer.You Will:Security Integration:
Assist in integrating security tools and practices into team CI/CD pipelines to identify vulnerabilities early in the development lifecycle.Automation:
Develop and maintain scripts to automate security tasks such as scanning, monitoring, and patch management.Monitoring and Alerting:
Implement security alerting, provide support to Security Operations to respond to potential threats and vulnerabilities, and participate in rotational on-call support.Collaboration:
Work with microservice DevOps, IT support, and compliance teams to ensure secure coding practices and configurations are followed, vulnerabilities are addressed, and security controls are implemented.Cloud Security Posture:
Help manage and secure cloud environments (e.g., AWS, GCP) by implementing best practices and security controls.Documentation:
Maintain up-to-date documentation of security processes, tools, and configurations.Continuous Learning:
Stay informed about the latest security trends, vulnerabilities, and tools to continuously improve the security posture of the organization.
You Have:3+ years of total experience in the field of cyber security and particularly in security engineeringExtensive experience in delivering security solutions across multiple environments including on-prem and cloud infrastructure - AWS experience is a plusExperience conducting security reviews and threat modeling on infrastructure software and services.Strong analytical and problem solving skillsExperience with network security concepts and capabilities including firewallsExperience deploying and/or utilizing security tooling such as Endpoint Detection and Response (EDR), Virtual Private Networks (VPN), Vulnerability scanning tools, Cloud Security Posture Management (CSPM), Security Information and Event Management (SIEM)Experience with NIST frameworks is a plus (800-53, NCF)Basic understanding of DevOps tools and practices (e.g., Git, Docker).Knowledge of cloud platforms (e.g., AWS, GCP) and their security features.Experience with Infrastructure-as-code and policy-as-code is a plusExperience with hardened image builds and deployment is a plus.Strong problem-solving skills with attention to detail and an eagerness to learn and adapt to new technologies and challenges.Relevant certifications such as CompTIA Security+, AWS Certified Security - Specialty, or similar.In order to comply with federal government requirements, this job is only available to U.S. citizens, U.S. lawful permanent residents, U.S. nationals, and certain temporary residents, refugees, and asylees.
US Perks & Benefits:HSA, 100% employer-paid premiums, or Buy-up medical/vision and dental coverage options for full-time employeesStock - Restricted Stock Units (RSUs) for eligible rolesLucrative Employee Stock Purchase Program (15% discount)401k Match to help you save for your future (50% of your contribution up to the first 6% of your eligible pay)Monthly stipend to support your work and productivityFlexible Time Away Program, plus Incidental Sick LeaveUS employees are automatically covered under Smartsheet-sponsored life insurance, short-term, and long-term disability plansUS employees receive 12 paid holidays per yearUp to 24 weeks of Parental LeavePersonal paid Volunteer Day to support our communityOpportunities for professional growth and development including access to Udemy online coursesCompany Funded Perks, including a counseling membership, local retail discounts, and your own personal Smartsheet accountTeleworking options from any registered location in the U.S. (role specific)
Smartsheet provides a competitive base salary range for roles that may be hired in different geographic areas we are licensed to operate our business from. Actual compensation is determined by several factors including, but not limited to, level of professional, educational experience, skills, and specific candidate location. In addition, this role will be eligible for a market competitive incentive opportunity and some roles may be eligible for a RSU stock grant upon accepted offer.US Pay Range $120,000—$157,500 USD
Get to Know Us:At Smartsheet, we've created a place where everyone is welcome - people from all over the world, all backgrounds, all ages, all colors, and all beliefs working side by side. Here, everyone can make a difference and empower others to do the same. You're encouraged to apply even if your experience doesn't precisely match our job description-if your career path has been nontraditional, that will set you apart. At Smartsheet, we empower everyone, everywhere to change the way the world works-join us!Equal Opportunity Employer:Smartsheet is an Equal Opportunity (EEO) employer committed to fostering an inclusive environment with the best employees. It is our policy to provide equal employment opportunities to all qualified applicants in accordance with applicable laws in the US, UK, Australia, Germany, Costa Rica, and Japan. All qualified applicants will receive consideration without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.If there are preparations we can make to help ensure you have a comfortable and positive interview experience, please let us know.#LI-Remote
Assist in integrating security tools and practices into team CI/CD pipelines to identify vulnerabilities early in the development lifecycle.Automation:
Develop and maintain scripts to automate security tasks such as scanning, monitoring, and patch management.Monitoring and Alerting:
Implement security alerting, provide support to Security Operations to respond to potential threats and vulnerabilities, and participate in rotational on-call support.Collaboration:
Work with microservice DevOps, IT support, and compliance teams to ensure secure coding practices and configurations are followed, vulnerabilities are addressed, and security controls are implemented.Cloud Security Posture:
Help manage and secure cloud environments (e.g., AWS, GCP) by implementing best practices and security controls.Documentation:
Maintain up-to-date documentation of security processes, tools, and configurations.Continuous Learning:
Stay informed about the latest security trends, vulnerabilities, and tools to continuously improve the security posture of the organization.
You Have:3+ years of total experience in the field of cyber security and particularly in security engineeringExtensive experience in delivering security solutions across multiple environments including on-prem and cloud infrastructure - AWS experience is a plusExperience conducting security reviews and threat modeling on infrastructure software and services.Strong analytical and problem solving skillsExperience with network security concepts and capabilities including firewallsExperience deploying and/or utilizing security tooling such as Endpoint Detection and Response (EDR), Virtual Private Networks (VPN), Vulnerability scanning tools, Cloud Security Posture Management (CSPM), Security Information and Event Management (SIEM)Experience with NIST frameworks is a plus (800-53, NCF)Basic understanding of DevOps tools and practices (e.g., Git, Docker).Knowledge of cloud platforms (e.g., AWS, GCP) and their security features.Experience with Infrastructure-as-code and policy-as-code is a plusExperience with hardened image builds and deployment is a plus.Strong problem-solving skills with attention to detail and an eagerness to learn and adapt to new technologies and challenges.Relevant certifications such as CompTIA Security+, AWS Certified Security - Specialty, or similar.In order to comply with federal government requirements, this job is only available to U.S. citizens, U.S. lawful permanent residents, U.S. nationals, and certain temporary residents, refugees, and asylees.
US Perks & Benefits:HSA, 100% employer-paid premiums, or Buy-up medical/vision and dental coverage options for full-time employeesStock - Restricted Stock Units (RSUs) for eligible rolesLucrative Employee Stock Purchase Program (15% discount)401k Match to help you save for your future (50% of your contribution up to the first 6% of your eligible pay)Monthly stipend to support your work and productivityFlexible Time Away Program, plus Incidental Sick LeaveUS employees are automatically covered under Smartsheet-sponsored life insurance, short-term, and long-term disability plansUS employees receive 12 paid holidays per yearUp to 24 weeks of Parental LeavePersonal paid Volunteer Day to support our communityOpportunities for professional growth and development including access to Udemy online coursesCompany Funded Perks, including a counseling membership, local retail discounts, and your own personal Smartsheet accountTeleworking options from any registered location in the U.S. (role specific)
Smartsheet provides a competitive base salary range for roles that may be hired in different geographic areas we are licensed to operate our business from. Actual compensation is determined by several factors including, but not limited to, level of professional, educational experience, skills, and specific candidate location. In addition, this role will be eligible for a market competitive incentive opportunity and some roles may be eligible for a RSU stock grant upon accepted offer.US Pay Range $120,000—$157,500 USD
Get to Know Us:At Smartsheet, we've created a place where everyone is welcome - people from all over the world, all backgrounds, all ages, all colors, and all beliefs working side by side. Here, everyone can make a difference and empower others to do the same. You're encouraged to apply even if your experience doesn't precisely match our job description-if your career path has been nontraditional, that will set you apart. At Smartsheet, we empower everyone, everywhere to change the way the world works-join us!Equal Opportunity Employer:Smartsheet is an Equal Opportunity (EEO) employer committed to fostering an inclusive environment with the best employees. It is our policy to provide equal employment opportunities to all qualified applicants in accordance with applicable laws in the US, UK, Australia, Germany, Costa Rica, and Japan. All qualified applicants will receive consideration without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.If there are preparations we can make to help ensure you have a comfortable and positive interview experience, please let us know.#LI-Remote