Description
Who We Are

Murmuration is a nonprofit organization that amplifies the power of civic engagement by providing data, digital tools, and research-driven insights to community-focused organizations so that together we can create an America where everyone can lead healthy, free, and dignified lives.

Every day, people are trying to shape our future for the better. Fighting for water that’s safe to drink. Schools that serve students equitably. Gun laws that make sense. And rallying people who care like we do. And yet too often the skillful organizers working to mobilize communities lack access to technology that could supercharge their efforts. Knocking on every door instead of knowing which will open most easily. And going up against outside interests that have half the heart, but twice the tools.

In communities across America, Murmuration’s partners are leveraging our data, tools, and insights to help thousands of organizers orchestrate millions of individual people to do big things together. Demand big things together. To create the world they want. Together.

About the Position

The Security Engineer will provide guidance to the business and engineering teams on improving the security posture of the company. They will need a strong analytical ability, cloud infrastructure knowledge, and the ability to deliver results within a fast-moving, agile environment while providing guidance on security solutions and best practices to internal teams.

Note: At Murmuration, we are committed to becoming an even more diverse, equitable, and inclusive workplace. To this end, all staff members are expected to actively participate in DEIB (diversity, equity, inclusion, belonging) programming.

Requirements
What You’ll Do:

Create secure architectural designs and perform security reviews with Engineering teams
Provide guidance on security solutions and best practices to internal teams
Utilize a monitoring infrastructure to collect actionable security signals and automate remediation
Follow DevOps principles in implementing and maintaining security controls in a cloud-based infrastructure
Keep security measures at the cutting edge as security for what we are building will be of utmost importance
Perform security reviews of existing code bases including vulnerability scanning and best security practices in regard to pipelines
Identify, evaluate, and conduct proof-of-concepts for new technologies, enabling secure development of core architectural components
Research the latest security standard methodologies, trends, threats and vulnerabilities, and technology frameworks
What You Should Have

2+ years in Security Engineering, DevOps, or IT Operations roles
Familiarity with DevOps practices as well as software engineering fundamentals, patterns, and design
Understanding of the shared responsibility model in AWS
Experience building and securing infrastructure code using Ansible, Terraform, CloudFormation, and/or similar tools
Experience integrating security practices into development lifecycles and sprint planning
Experience with programming languages for automation tools (Python)
Experience with Infrastructure as Code tools such as Terraform, Ansible, and Cloudformation
Experience with unit and integration testing, continuous integration, and deployment workflows
Experience securing REST APIs and integrating third-party APIs
Knowledge of security best practices and how to implement them in cloud infrastructure
2+ years of Ubuntu / Unix / Linux system administration
General understanding of PKI, X.509, ASN.1, key exchange protocols, and authentication protocols
What You Could Have

2+ years experience building and working on cloud infrastructure for large scale distributed systems (primarily AWS-based)
Experience developing REST APIs and integrating third-party APIs
Experience Developing Security tools
Knowledge of IAM, VPC, CloudWatch, API Gateway, Lambda, S3, ECS, Lambda, EKS, KMS, Shield, etc. is a strong plus
Bash Shell scripting
Experience implementing and leveraging logging and/or monitoring solutions is a plus
Relevant security and AWS certifications are a plus, but not required
Understanding/working knowledge of public cloud infrastructure and networking fundamentals in AWS
Relational Database Administration
Talented Security Engineers come from all walks of life and career. If you are passionate about civic engagement and technology, please apply, even if you do not check every box!

Benefits
Location and Compensation

The Security Engineer is a full-time, salaried position with a comprehensive benefits package (more detail below). It is based anywhere in the U.S. The salary range for this position is $90,000 – $120,000 and is commensurate with experience.

Our Culture of Care

We work hard to create a culture of care to ensure that our staff are best equipped to lead happy, healthy, and balanced lives. To that end, we offer a comprehensive benefits package which includes:

Health, vision, and dental insurance with 100% of premiums covered for you and qualifying family members;
Retirement benefits with a 5% employer match;
A flexible unlimited PTO plan;
Generous paid parental leave;
Pre-tax commuter benefits;
A company laptop;
A flexible remote work environment;
A home office setup stipend for all new employees;
Monthly reimbursement for remote work expenses;
A yearly professional development fund;
Mental health and wellness benefits through Calm and Better Help; and
Yearly in-person staff retreats; and
A welcoming culture that celebrates diversity, equity, and inclusion.
An Equal-Opportunity Employer with a Commitment to Diversity

Murmuration is proud to be an equal opportunity employer, and as an organization committed to diversity and the perspective of all voices, we consider applicants equally of race, gender, color, sexual orientation, religion, marital status, disability, political affiliation, and national origin. We reasonably accommodate staff members and/or applicants with disabilities, provided they are otherwise able to perform the essential functions of the job.