iManage is committed to providing an excellent candidate experience and will never ask you to engage in recruitment activity via text and exclusively communicates from emails using the @imanage.com domain. If you have any concerns or questions about communications you have received, please send them to [email protected] so our team members can review.
We offer a flexible working policy that supports the health and well-being of our iManage employees. As an organization, we value collaborating and learning from our peers in person, while providing the necessary flexibility for our employees to have a meaningful work-life balance. Please reach out to learn more.
Being a Cloud Security Engineer at iManage means
You will primarily be responsible for the design, implementation, and routine monitoring of all security in a public cloud operation as well as with the integrations between that environment and other security systems including enterprise SIEM, EDR, and vulnerability management. As a key member of the team, you will utilize and integrate multiple Azure security technologies to provide holistic coverage. Additionally, you will assist in identifying, analyzing and influencing company management of security risks across the organization, based on observed events, logs, and collected threat intelligence. This position has a strong focus on automation of processes and controls.
Here is what one of our leaders, Manager of Cloud Security Engineers (Joe Hartmann), has to say about the investment we make: ”Security has always been a focus for iManage but we are making significant investments in the coming years so our team is growing at a global level. Also, we invest significant amount of time and money in our team members development including coaching, mentorship, informal or formal traning, reading materials, and anything else that will allow the engineer to grow at a professional and personal level.”
iM Responsible For
- Developing and configuring a hybrid multi-cloud approach to provide a holistic detection and response strategy.
- Utilizing adversarial threat-based tactics, techniques, and procedures to inform decision making in all aspects of project planning and delivery.
- Taking a systematic approach to problem solving including utilizing tried and true methodologies when building robust processes.
- Driving a threat concept to a fully built out security control including identifying data sources, build detection logic, formulate and document responses, perform validation, and strive for continuous improvement.
- Continuously monitor threat and vulnerability sources and analyzing the data for potential risks to the overall safe operations of the organization.
- Acting as part of the incident response team providing troubleshooting, analysis and forensics when needed.
- Inspecting issues as they arise in automation, version control, and overall security and suggest necessary steps to solve those quickly.
- Driving integrations with infrastructure and automation orchestration platforms through proven architectural patterns (e.g. APIs).
- Designing and implement automated security processes to increase operational effectiveness and to reduce manual processes.
- Interfacing with infrastructure and other teams throughout the organization with the objective to provide high quality and low friction, security operations services.
- Preparing and documenting standards and operating procedures.
- Acting as an escalation point for the SOC including mentoring, and leading technical development sessions.
iM Qualified Because I Have
- 3-5+ years of experience in cloud security or related areas.
- Demonstrable experience designing and building security controls for public cloud environments.
- Strong understanding of Cloud Security principles and poses the ability to apply those principles to a hybrid cloud environment including Microsoft Azure
- Splunk Enterprise experience in either platform administration or analyst roles as well as a cursory understanding of Splunk Enterprise Security
- General Understanding of DevOps, SRE and SDLC methods, tooling, processes, procedures and the security needs around them.
- Knowledge of MITRE ATT&CK and Cyber Kill Chain frameworks.
- Hands on automation experience using Ansible, Terraform, Puppet, Chef and/or Salt.
- Understanding of logging solutions such as Splunk, Elastic Logstash, Apache Kafka & syslog.
- *NIX experience including CentOS/RedHat, Debian/Ubuntu and BSD including kernel level knowledge & experience.
- Be highly motivated to consume, process, and convert newly obtained knowledge & experience into their day-to-day work.
- Have the nearly innate desire to figure things out along with the dedication to maintaining a lifelong commitment to continuous learning.
- Possess excellent verbal and written communication skills, both in-person and electronic forms.
- Be comfortable with operating under minimal supervision after being given the direction and tools and in a fast-paced environment.
- Command the ability to think in a non-linear, yet almost rigorously analytical, type of problem-solving mindset.
- Understand, and be able to work with, global schedules that often require non-traditional, and non-US, working hours. Including on-call escalations during non-standard hours for work alerts and incident response.
Bonus Points if I Have
- Direct experience deploying Splunk Enterprise in a public cloud environment.
- Experience or understand configuring and integrating with cloud security controls within Microsoft Azure (incl. Key Vault, Azure AD, Entra, Microsoft Defender for Cloud, Microsoft Sentinel, CSPM, PIM, Event Hubs, etc.)
- Experience in firewall administration, including functions such as firewall ACL’s, DNS block lists and VPN.
- Exposure to EDR solutions such as CrowdStrike, Carbon Black or Defender.
- One or more of the following certifications: SANS GIAC certifications, AWS or Azure certifications, ISC2 Cloud Security Certification (CCSP), or Kubernetes/container (CKA/CKS) certifications.
Don't meet every qualification listed above? Studies show that women and people of color are less likely to apply to jobs unless they meet all qualifications. At iManage, we are committed to building a diverse and inclusive environment, and encourage everyone to show up as their full authentic selves. We welcome those that come with a growth mindset and a hunger for learning; so, if you are excited about this role but your past experience doesn't align perfectly with every qualification we encourage you to apply anyways!
iM Getting To
- Join a supportive, experienced team with an inclusive, encouraging, and vibrant culture.
- Have flexible work hours that allow me to balance my ‘me time’ with my work commitments.
- Collaborate in a modern open plan workspace, with a gaming area, free snacks, drinks and regular social events.
- Focus on impactful work, solving complex, real challenges utilizing the latest technologies and protocols.
- Own my career path with our internal development framework. Ask us more about this!
- Learn new skills and earn certifications with access to unlimited courses in LinkedIn Learning.
- Join an innovative, industry leading SaaS company that is continuing to grow & scale!
iManage Is Supporting Me By
- Creating an inclusive environment where I can help shape the culture not just by fitting in, but by adding to it.
- Providing a market competitive salary that is applied through a consistent process, equitable for all our employees, and regularly reviewed based on industry data.
- Rewarding me with an annual performance-based bonus.
- Offering comprehensive Health/Vision/Dental/Life Insurance, and a 401k Retirement Savings Plan with a company match up to 4%.
- Giving access to HealthJoy, a healthcare concierge service, to help me maximize my health benefits.
- Granting enhanced leave for expecting parents; 20 weeks 100% paid for primary leave, and 10 weeks 100% paid for secondary leave.
- Providing me with a flexible time off policy to take the time off that I need. Be it for vacation, volunteering, celebrating holidays, spending time with family, or simply taking time to recharge and reset.
- Caring for my mental health and well-being with multiple company wellness days and free access to the Healthy Minds app for mindfulness, meditation and more.
About iManage
iManage is dedicated to Making Knowledge WorkTM. Over one million professionals across 65+ countries rely on our intelligent, cloud-enabled, secure knowledge work platform to uncover and activate the knowledge that exists inside their business content and communications.
We are continuously innovating to solve the most complex professional challenges and enable better business outcomes; Our work is not always easy but it is ambitious and rewarding.
So we’re looking for people who love a challenge. People who are happiest when they’re solving problems and collaborating with the industry’s best and brightest. That’s the iManage way. It’s how we do things that might appear impossible. How we develop our employees’ strengths and unlock their potential. How we find meaning in everything we do.
Whoever you are, whatever you do, however you work. Make it mean something at iManage.
iManage provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Learn more at: www.imanage.com
Please see our privacy statement for more information on how we handle your personal data: https://imanage.com/privacy-policy/