Senior System Engineer

MISSION

At Streamlane, the focus is usually put on cost-effectiveness, agility, and rapid development. As a Senior System Engineer, the emphasis of your position may be on practical and scalable solutions that align with the company’s resources and growth trajectory. Flexibility and the ability to adapt quickly to changing requirements are highly valued traits. Additionally, a deep understanding of securing the specific technologies used at Streamlane is essential for this role.

As a Senior System Engineer at Streamlane, you will play a crucial role in integrating security practices into our fast-paced software development lifecycle. You’ll be responsible for automating security controls, setting up secure CI/CD pipelines, and ensuring the secure deployment and management of applications through containerization and Kubernetes. You’ll work closely with cross-functional teams to enhance the security posture of our applications and infrastructure, all while utilizing the following key technologies:

Linux / Ubuntu, Elastic Stack, Java, Postgresql, ActiveMQ.

PROFILE

Linux Administration: Proficiency in Linux command-line tools, file system management, user administration, and process management is essential for efficiently managing and troubleshooting Linux-based systems.

Security Knowledge: In-depth understanding of security best practices, particularly for Java applications and Angular web applications. Knowledge of securing PostgreSQL, MongoDB, and Neo4j databases.

Containerization: Proficiency in containerizing Java applications, Angular front-ends, and databases using Docker to ensure consistency and portability across environments.

Kubernetes: Extensive experience with Kubernetes, including cost-efficient cluster management and orchestration for Java and Angular applications.

Security Hardening: Knowledge of Linux security principles and best practices for securing the operating system, including user access controls, firewall configuration, and system hardening.

Infrastructure as Code (IaC): Familiarity with IaC tools like Terraform or Ansible to manage and provision cloud resources and infrastructure in a declarative manner.

Scripting and Automation: Strong scripting skills (e.g., Bash, Python) to automate security scans, testing, and deployment processes.

Infrastructure and application monitoring: Deep knowledge of monitoring infrastructure components like Kubernetes clusters, Docker containers, servers, and applications (databases, message brokers, or business applications) using tools like Elastic or equivalent

DevOps and CI/CD: Strong expertise in DevOps principles and practices, with hands-on experience in building and maintaining efficient CI/CD pipelines using GitLab CI for Java applications and Angular front-end.

Cloud Platforms: Familiarity with cloud platforms like AWS, Azure, or OVH, and the ability to optimize cloud resource usage while maintaining security best practices.

Security Tools: Practical experience with security tools tailored for Java applications and Angular web applications, including SAST, DAST, container vulnerability scanning, and database security tools.

Network Security: Deep knowledge of network security principles, including secure communication between Java applications, Angular front-ends, and databases.

Collaboration and Communication: Excellent teamwork and communication skills to collaborate effectively with developers, operations, and security teams in a small, close-knit startup environment.

Startup Mindset: Adaptability and willingness to wear multiple hats, taking initiative, and proactively solving problems, which are essential qualities in a dynamic startup.

Agile Methodologies: Familiarity with Agile development practices, enabling iterative and rapid development cycles (SCRUM methodology)

Nice to have skills and capabilities:

Microservices Architecture: Familiarity with microservices-based applications and security considerations for scaling them in a startup setting.

Incident Response: Understanding of incident response procedures tailored for a startup’s resource constraints.

Compliance and Governance: Basic knowledge of compliance requirements and governance frameworks applicable to a startup’s industry.

Identity and Access Management (IAM): Basic understanding of IAM principles for securing access to critical resources.

Continuous Learning: A proactive approach to learning about new security trends and technologies, staying updated with the industry’s latest practices.

Performance Optimization: Utilizing monitoring data to identify bottlenecks and performance issues in applications and infrastructure, and working with development and operations teams to optimize system performance.