MediaAlpha is a customer acquisition solutions provider powered by technology and data science. The company provides industry-leading solutions designed to reach consumers shopping within high-consideration categories such as property and casualty insurance, health insurance, life insurance, personal finance, travel, education, and more.
Our Senior Security Engineer is a generalist in overall information security practices necessary for an organization's operation, with a specialty in the technologies most relevant to MediaAlpha. They are responsible for analyzing complex security issues to improve the company's overall posture, evaluating new functionalities to ensure production readiness, and ensuring our security objectives.The security engineer shall maintain the day to day functions necessary to maintain the security operations of MediaAlpha while maintaining the security related technologies, and functions in the organization.
Responsibilities
- Will ensure the secure implementation of our cloud environment in Amazon Web Services and our end user technology environment.
- Evaluate security products with vendors and aid in the deployment. This may include server side, or end user side technologies.
- Ensure safe, secure, and streamlined methods for our team members, customers, and partners to access information through MediaAlpha servers and products..
- Evaluate new technologies or services and assist in the design and implement holistic security solutions.
- Develop new playbooks and automation solutions for our security technologies.
- Identify deficiencies in security services and propose plans for improvement and implementation.
- Document security policies, controls, and processes, and develop runbooks and how-to guides for operational readiness of engineered solutions.
- Evaluate and create cloud security baselines and implement monitoring to assure compliance.
- Support the ongoing vulnerability and security testing tools used by the organization.
- Address compliance requirements and provide evidence for audit.
- Respond to security related concerns escalated by our monitoring providers.
- Review system and security logs for issues daily. Ensure security patches/updates maintained on systems.
- On-call 24/7 for security related issues.
Requirements
- Minimum of 5 years of related experience
- At least two certifications related to Information Security in the domains of Architecture, Networking, Engineering, or Operations required.
- Expert level knowledge of Linux is required.
- Prior experience working in a medium to large enterprise.
- Expected to work in the office at least 2 days a week in Bellevue, WA or Los Angeles, CA
Additional Qualifications
- Industry experience with AWS, Network security, and System security with demonstrable experience in Amazon Tools (Guard Duty, SNS, Route 53, Security Groups, Fargate Identity Center, and more…)
- Experience with vulnerability management, SIEM, compliance to security baselines, containers, and Identity and Access Management in the cloud (AWS Identity + OKTA).
- Familiarity with industry standards, guidelines, and regulatory compliance requirements related to information security and cloud computing (NIST 800-171, SOC 2, etc..).
- Experience with delivering reliable, available, and high-performance enterprise-scale solutions.
Familiarity with these is a plus:
- Containers, CloudFormation, Pagerduty, Jira, OKTA, Crowdstrike, Hashicorp, Perl, Json, Linux, Bash, Apache
- NIST 800-171, SOC 2
- AWS such as: EC2, IAM, VPC, Route53, CloudWatch, Guard Duty, S3, Billing, Security Groups
- Imperva WAF, ZScaler ZPA
Compensation & BenefitsWe are excited to offer a competitive base pay range of $140,000 to $210,000 per year for this position, based on experience and qualifications. But that's not all - as a valued member of our team, you will also have access to an array of top-notch benefits, including:
- Annual bonus program and participation in our Restricted Stock Unit program
- 100% Employer-paid health, dental, and vision insurance for you, your dependents, and spouse or registered domestic partner
- 100% Employer paid long term disability, and life insurance
- 401(k) retirement plan with matching contributions to help you plan for your future
- Open Paid Time Off policy with a birthday day off and 11 holidays
- Professional development reimbursement along with a subscription to Coursera
- Cell Phone, Wellness, and Internet expense reimbursement, along with a subscription to the Calm App
- 100% fully paid parental leave for team members up to 22 weeks for the primary caregiver and 12 weeks for the secondary caregiver
- Dog-friendly offices (LA and AZ) along with a $300 pet adoption reimbursement
Diversity, Equity, and Inclusion
MediaAlpha is committed to fostering, cultivating, and maintaining a culture of diversity, equity, and inclusion. Our philosophy and actions are built on the premise that as an employer and citizens of our communities, we can create opportunities for lasting change.
Fair Chance
MediaAlpha will consider qualified applicants, including those with criminal histories, in a manner consistent with state and local "Fair Chance" laws. We are also committed to providing reasonable accommodations for qualified applicants with disabilities and disabled veterans in our application process. If you need assistance or an accommodation due to a disability, please contact us at peopleops@mediaalpha.com or (213) 316-6256.