What You'll Do
- Driving the design and implementation of defense-in-depth infrastructure and application security solutions for our customer-facing SaaS platform in AWS & GCP public cloud environments
- Driving architecture, implementation, configuration, and automation of native and third-party cloud security solutions for hardening, detection, prevention, login,g and response solutions for security vulnerabilities and threats
- Assisting in incident response and triaging activities as needed for security incidents and events
- Working closely with Product, Engineering, and IT in a DevSecOps model on technologies like FWs, ACLs, WAFs, IAM roles and permissions, Vulnerability management and hardening, Threat and Intrusion detection, Kubernetes Container Security solutions
- Provide thought leadership with a security bent of mind to the organization
What You'll Need
- 5-7 years of previous experience deploying and administering security infrastructure in GCP or AWS public cloud environments, using Infrastructure as Code required
- In-depth hands-on experience with at least one public Cloud platform (AWS or GCP) with advanced knowledge of securing IaaS platforms and services like WAFs, Security Groups, EC2/Compute, EKS/GKE, ECR/GCR, S3/Cloud Storage, RDS/Cloud SQL, Logging and Monitoring
- Security experience in a cloud-native environment in one or more areas: authentication, access management, API security, Linux security, vulnerability scanning, threat and intrusion detection, firewalls, WAF, encryption technologies, container security, etc.
- Prior experience working closely with Product, DevOps and CloudOps' Site Reliability Engineers on shift-left strategies, CI/CD tools and solutions needed
