Senior Security Engineer

New Relic is hiring a senior security engineer to join our Information Security Team! The Infrastructure Assurance team is responsible for safeguarding New Relic's global infrastructure (including servers, networks, workstations, and cloud). In this role, you will collaborate with diverse teams across the organization, developing and improving tools to help improve their understanding of security risks. You'll play a critical role in safeguarding New Relic's global infrastructure, focusing on proactive security controls, pragmatic threat assessments, and collaboration with teams to prioritize security work.

• Operate as one of the senior technical figures for the Infrastructure Assurance team and partner teams in the Asia Pacific Japan (APJ) region. 
• Educate product/platform engineers on effectively applying security best practices related to multi-cloud, kubernetes, and internal applications and services.
• Provide security design guidance and perform security reviews for New Relic infrastructure and services, ensuring a secure by design model. 
• Establish yourself as a security authority with a deep understanding of engineering and non-engineering team roadmap and priorities.
• Mentor/coach and remove technical roadblocks as needed for junior team members.
• Collaborate and cultivate relationships with IT, Compliance, Product Legal & Privacy, and non-engineering teams on multi-functional work streams and projects.

• ​​Bachelor's degree in Computer Science or equivalent practical education and experience.
• 4+ years of cloud or infrastructure engineering experience.
• 2+ years of infrastructure security experience.
• Experience securing infrastructure and services built in a multi-account AWS environment
• Strong understanding of Identity and Access Management (roles, policies, SCP).
• Experience performing security reviews and risk assessments in SaaS and cloud based environments.
• Understanding of modern DevOps engineering and containerization.
• Working understanding of common/best practice network security controls, authentication, and security protocols.
• Working understanding of SOC 2, FedRAMP, CIS Critical 18, and PCI DSS frameworks. 
• Capability to effectively communicate with individuals of varying levels of technical expertise.
• Ability to lead cross company objectives, work autonomously, navigate ambiguous situations, and identify innovative solutions. 
• Ability to draft/maintain clear and concise documentation.

• 2+ years working with modern container technologies; Kubernetes is a bonus.
• Ability to explain and advise on secure design and implementation of complex security problems, including the ability to dive into secure design with engineers.
• Experience performing threat modeling. 
• Experience securing infrastructure and services built in Azure, or Google Cloud
• Writing in and understanding an infrastructure orchestration solution, such as Terraform, Chef, or Ansible.
• Proficiency in at least one programming language, like Python, Ruby, and/or Go.
• Proven capability to improve various processes via automation.
• An understanding of tradeoffs between reliability and security in a SaaS organization.