Security Engineer

The Honest Company, a leading healthy lifestyle brand, is committed to creating products that are effective, safe, delightful, accessible, and responsible. In pursuit of its mission to empower people to live a healthy and happy life,

The Security Engineer (security operations focus) will play a key role in the information security, IT and DevOps groups. Reporting to the Directory of Information Security, the engineer will work with multiple business units (i.e., engineering, product, HR, finance, etc.) to maintain and improve efficiency of security processes and technologies. The engineer will be tactful in delivering results that provide balance between business productivity needs with security concerns.

* Identify security issues and risks associated with security events or alerts from various security tools, and develop remediation and/or risk mitigation plans * Leverage a number of security tools for issue resolution including, but not limited to: SIEM/syslog, IDS/IPS, malware analysis and protection, content filtering, logical access controls, identity and access management, data loss prevention, content filtering technologies, application firewalls, vulnerability scanners, LDAP, security incident response and Identity Management software * Coordinate maintenance of security-related systems (Anti-Virus, Patching, Intrusion Detection, Logging, Anti-spam, etc.) * Develop and automate security processes where applicable and provide support for compliance efforts * Recommend and publish system configuration standards, policies and procedure documents * Work with InfoSec product vendors and service providers, to evaluate potential security offerings, including product evaluations, pilots and proof of concept installations

* Bachelor's degree required (computer science or relevant degree) * Two or more years of experience in system engineering, network engineering and/or information security * Excellent written and oral communications skills * Self-motivated and directed with ability to effectively prioritize and execute tasks * Experience with a variety of IaaS, PaaS and SaaS applications * Intermediate knowledge of both Microsoft (Windows Server, Active Directory focus) and Linux-based technologies (primarily Ubuntu) * Intermediate knowledge of systems and information security fundamentals (Patch Management, VPN, Firewalls, IDS/IPS, Firewalls, Vulnerability Management, etc.) * Excellent knowledge of networking protocols (TCP/IP) and service protocols (HTTP, HTTPS, LDAP, SSL, SSH, SMTP, DNS and FTP)