Security Engineer

At Extra Space Storage, what matters to you, matters to us! Join a company that cares about you.  

It is an exciting time to be at Extra Space. We have been featured on multiple "Best Places to Work" awards, including Forbes and Glassdoor. We’re an S&P 500 company that hasn’t stopped growing since our founding in 1977. Today we are leading the self-storage industry in more ways than one, but in order to maintain this lead, we need exceptionally motivated, capable, and driven people like you. Self-storage is our product, helping people is our passion. Come grow with the largest self-storage company in the world and find out why so many of our employees recommend us as a great place to work. 

Job Summary

This role requires a strategic thinker with a talent for identifying vulnerabilities before they become critical issues. In a dynamic, cloud-native environment, you’ll have the chance to shape security policies and processes, leveraging cutting-edge analysis to proactively address risks. If you enjoy working on complex security challenges and influencing teams across the organization, this role offers the perfect opportunity to make a significant impact.

Duties & Responsibilities

We are looking for a Security Engineer (DevSecOps) to help secure cloud-based applications and environments. The ideal candidate will focus on: 

• Collaborating closely with development managers, product management and cloud engineering teams to provide DevSecOps analysis and recommendations as a lead facilitator of the Secure Software Development Lifecycle.

• Analyzing emerging threats and continually assessing the overall product security posture. 

• Threat Modeling to help identify, assess, and prioritize security risks in applications and infrastructure at all stages of development. 

• SCA/SAST/DAST (Software Composition Analysis/Static/Dynamic Application Security Testing) monitoring and prioritization of actionable vulnerabilities with engineering teams.

• Cloud Security Posture Management / Vulnerability Management / Workload Protection to ensure comprehensive visibility and security of AWS infrastructure and services, to include containerized environments.

• Develop security logging, monitoring and alerting around AWS infrastructure and supported applications, and identify opportunities to consolidate information in a centralized SIEM.

• Be available to assist with incident response and on call responsibilities in the case of a security event or incident involving supported infrastructure and applications.

• Develop and partner with Engineering Security Champions and teams to create a security first culture to include facilitating secure code training.

Qualifications

Optimal candidates will have experience, education and certifications similar to:

• Bachelor’s degree in Computer Information Technology or similar

• 3-6 Years of experience in Software Development, IT Systems Administration and/or Cyber Security

• Certifications such as CompTIA Security+/CySA+, ISC2 SSCP, AWS Cloud/Security Certifications, and/or ISC2 CISSP

We pride ourselves on hiring top talent and provide the following benefits and more: 

• Well defined career paths 

• Great work/life balance and hybrid work schedule 

• Medical, dental, and vision benefits 

• Health Savings Account (HSA) or Flexible Spending (FSA) 

• Company paid Life, AD&D, and Short- & Long-Term Disability 

• 401K with company match after 90 days of service 

• Holiday pay and paid time off 

• Extensive wellness program and various employee discount programs 

• Personal health advocate 

• On-site fitness center 

• Free soda, coffee, and snacks all day every day and much, much more!