Sirius XM Radio Inc. Engineer, DevOps - Security in Irving, Texas

Requisition ID


Job Title

Engineer, DevOps - Security





Type of Position


Job Description

Location: Irving, TX

Position Summary:

SiriusXM is looking for a strong collaborative team player to work within our 24x7 streaming infrastructure DevOps Team specifically focusing on application and architecture security as well as security as code. The qualifying candidate will be administering, maintaining and supporting applications, hardware and configurations deployed across Sirius XM's streaming infrastructure focusing on security. Candidate will perform a wide variety of software/hardware configuration/maintenance and operational support tasks of many varied back end systems, including, but not limited to, Windows/Linux server OS/software, server class hardware, VMware VSphere, AWS Infrastructure, Postgres/SQL databases and various application servers. Candidate will be responsible for ongoing security of the different enviroments while working with the development and operations teams to ensure uptime/stability. The position is considered to be on-call and the candidate will be expected to ensure the coverage of frequent after-hours deployments/maintenance windows. This position is an individual contributor/hands on role. The position focuses on security architecture within the SiriusXM streaming areas. This also includes responsibilities surrounding all infrastructure support including application monitoring, software build machines, and software support servers. The candidate should have a penchant for solving tough security problems, and a dedication to ensuring high-availability.

Duties and Responsibilities:

  • Administer Amazon Web Services (AWS) Infrastructure.

  • Create and maintain AWS Cloud Formation Scripts.

  • Monitor and correlate security events with WAFs, IDS/IPS, and VPC/access logs.

  • Collect, monitor and analyze systems performance data for improved security.

  • Perform security hardening in accordance with industry standards.

  • Perform security tools, static analysis, runtime analysis, black-box testing.

  • Perform key management system maintenance.

  • Perform incident response duties as assigned.

  • Manage certificate lifecycle.

  • Constantly maintain awareness of all known vulnerabilities in application technologies.

  • Coordinate security architecture changes with operational teams and developers.

  • Research any reported or suspected application vulnerabilities Networking (TCP/IP) configuration including Firewall ACL's and security.

  • Create automated tasks with shell scripts (bash, python).

  • Implement security controls aligned with business requirements.

  • Perform operational security console alert response and mitigation.

  • Indicators of compromise investigation and escalation.

Supervisory Responsibilities:

  • None.

Minimum Qualifications:

  • Bachelor's degree in computer science, engineering, information sciences, technology or equivalent, relevant experience.

  • Minimum of 5 years of IT/engineering experience. 1 year in a 24x7 support environment.

  • Experience with virtual infrastructure and support (VMWare/AWS).

  • Strong AWS knowledge base highly preferred.

  • Must be familiar with most flavors of Linux/Windows.

Requirements and General Skills:

  • Must be able to design, implement and support solutions based on the needs of the business and based on industry professional and security best practices.

  • Ability to work independently as part of a team, including cross-functional teams.

  • Exhibit excellent time management skills, with the ability to prioritize and multi-task, and work under shifting deadlines in a fast-paced environment.

  • Ability to pay attention to details and be organized.

  • Ability to interface with a multitude of diverse personalities in a professional and consistent manner.

  • Ability to identify problems, recommend solutions and perform triage in a team environment.

  • This position requires 24x7 availability for support and after hours work in order to support the availability and uptime requirements of the business.

  • Must have legal right to work in the U.S.

Technical Skills:

  • Linux knowledge in a virtualized environment is required.

  • Understanding and implementation of NIST and CIS security controls.

  • Incident response framework familiarity.

  • Understanding of Information Security Data Classification.

  • Proficient with a terminal in a Linux or Window environment.

  • Cloud experience and certification(s) a plus.

  • AWS Certified Solutions Architect, SysOps Admin, or Advanced Networking.

  • Senior level experience with network security controls including firewalls, access logs, web application firewalls, intrusion prevention and detection.

  • Security tools, static analysis, runtime analysis, black-box testing.

  • Collecting, monitoring and analyzing systems performance data for improved security.

  • Penetration testing concepts and tools.

  • Certificate lifecyle management.

  • Research any reported or suspected application vulnerabilities Networking (TCP/IP) configuration including Firewall ACL's and security.

  • Web application security tools and design.

  • Create automated tasks with shell scripts (bash, python).

As an EEO/Affirmative Action Employer all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status.

The requirements and duties described above may be modified or waived by the Company in its sole discretion without notice.

Company EEO Statement

Our goal at SiriusXM is to provide and maintain a work environment that fosters mutual respect, professionalism and cooperation. SiriusXM is an equal opportunity employer that does not discriminate on the basis of actual or perceived race, creed, color, religion, national origin, ancestry, alienage or citizenship status, age, disability or handicap, sex, gender identity, marital status, familial status, veteran status, sexual orientation or any other characteristic protected by applicable federal, state or local laws.