Senior Security Engineer

Who are we?

Equinix is the world’s digital infrastructure company®, operating over 260 data centers across the globe. Digital leaders harness Equinix's trusted platform to bring together and interconnect foundational infrastructure at software speed. Equinix enables organizations to access all the right places, partners and possibilities to scale with agility, speed the launch of digital services, deliver world-class experiences and multiply their value, while supporting their sustainability goals. 

Our culture is based on collaboration and the growth and development of our teams. We hire hardworking people who thrive on solving challenging problems and give them opportunities to hone new skills and try new approaches, as we grow our product portfolio with new software and network architecture solutions. We embrace diversity in thought and contribution and are committed to providing an equitable work environment that is foundational to our core values as a company and is vital to our success.

Job Summary

The Senior Security Engineer will be responsible for enhancing the organisation's security posture through the development of in-house tools, particularly by leveraging Generative AI for security checks. This role involves creating and maintaining secure development guidelines and policies that align with industry standards, ensuring that these documents are practical and accessible for development teams. The engineer will design reference architectures for the Secure Software Development Life Cycle (SSDLC), integrating security best practices into the design phase of applications to mitigate potential risks. In addition, the Senior Security Engineer will focus on automating security gates within the SSDLC, identifying critical checkpoints and implementing tools that facilitate continuous security testing and validation throughout the development process. This automation will streamline workflows and enhance the overall efficiency of security measures. As a subject matter expert, the engineer will provide guidance to developers on how to design and write secure applications. This includes conducting training sessions and workshops to educate teams on secure coding practices and reviewing application designs and code to offer constructive feedback. The Senior Security Engineer will collaborate closely with cross-functional teams, fostering a culture of security awareness and ensuring that security considerations are integrated into all aspects of the development lifecycle. By staying current with industry trends and emerging threats, the engineer will continuously refine security practices and tools to address evolving challenges in the security landscape.

Technical Skills for DevSecOps

• Understanding of DevOps Principles: Familiarity the DevOps culture, practices, and tools that promote collaboration between development and operations teams. This includes knowledge of Agile methodologies, continuous integration, continuous delivery, and the importance of feedback loops.
• Demonstrated Experience in CI/CD Tools: Proven ability to implement and manage Continuous Integration and Continuous Deployment (CI/CD) pipelines using tools such as Jenkins, GitLab CI, CircleCI, or GitHub Actions. This includes automating build, test, and deployment processes while integrating security checks and practices throughout the pipeline.
• Infrastructure as Code (IaC): Experience with IaC tools (e.g., Terraform, AWS CloudFormation) and understanding how to secure infrastructure deployments. This includes writing and managing infrastructure configurations in a version-controlled manner.
• Containerization: Proficiency in container technologies such as Docker and orchestration tools Kubernetes. Understanding best practices for securing containerised applications and managing container lifecycles.
• Logging and Monitoring: Knowledge of logging and monitoring tools (e.g., ELK Stack, Splunk, Prometheus) to ensure visibility into application performance and security. Ability to set up alerts and dashboards to monitor security events and system health.
• Development Skills: Proficiency in programming languages such as C# or Java, with a requirement to write code in these languages. Understanding secure coding practices and the ability to write and review code with security considerations in mind.
• Security Best Practices: Familiarity with security frameworks and best practices (e.g., OWASP Top Ten) to identify and mitigate security vulnerabilities throughout the development lifecycle.
• Cloud Security: Understanding of cloud service models (IaaS, PaaS, SaaS) and security considerations for cloud environments (AWS, Azure, GCP).

Soft Skills

• Collaboration and Communication: Ability to work effectively with cross-functional teams, including developers, operations, and security personnel, ensuring clear communication and shared goals.
• Problem-Solving: Strong analytical and critical thinking skills to identify, assess, and resolve security issues efficiently.
• Adaptability: Ability to quickly learn and adapt to new tools, technologies, and processes in a fast-paced and evolving environment.
• Attention to Detail: A keen eye for detail to identify potential security flaws and vulnerabilities, ensuring thoroughness in security assessments.
• Continuous Learning: A commitment to staying updated on the latest security trends, threats, and technologies, actively seeking opportunities for professional development.
• Team Player: Willingness to collaborate, share knowledge, support team members to foster a culture of security and mutual growth.

Equinix is committed to ensuring that our employment process is open to all individuals, including those with a disability. If you are a qualified candidate and need assistance or an accommodation, please let us know by completing this form.

Equinix is an Equal Employment Opportunity and, in the U.S., an Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to unlawful consideration of race, color, religion, creed, national or ethnic origin, ancestry, place of birth, citizenship, sex, pregnancy / childbirth or related medical conditions, sexual orientation, gender identity or expression, marital or domestic partnership status, age, veteran or military status, physical or mental disability, medical condition, genetic information, political / organizational affiliation, status as a victim or family member of a victim of crime or abuse, or any other status protected by applicable law.