Security Engineer

Description

Client's is building a Hybrid Cloud platform to host all of our cloudbased products. They are currently using Amazon Web Services (AWS) to provision Virtual Machines, and OpenShift and Kubernetes for container management. You will be working with fun, talented people who joined the team from other wellknown companies such as Google, Client's, Client's, etc.Responsibilities To maintain the security of their multitenant, dataintensive, Hybrid Cloud, covering everything from network configurations to the runtime complexities of securing containerized workloads dependent on dynamically discovered microservices.DaytoDay Functions You'll effectively advocate for security engineering within the CPE team by teaching sound security engineering practices, which may include producing code samples and test methods; reviewing test plans and code analysis metrics of our teams; designing and implementing connections between vulnerability scan results and corrective actions.You'll develop/deploy and operate bestofclass tools to detect security threats and incidents; respond to detected threats by driving the quick mitigation of such issues by the larger engineering team; work with security experts within Client's to characterize and propagate knowledge of these threats to our product teams and customer base.You'll work with operations and development staff to strike a sound business balance in our security policies between agility, productivity and convenience on one hand, and the confidentiality, integrity and availability of customer data on the other.Periodically you will evaluate the effectiveness of our security controls through penetration testing and other forms of threat modeling, log analysis, incident Pareto charts and other methods.Required Passionate about data security with a strong desire to learn more from the industry's leading experts about Hybrid Cloud security issues, cryptography, threat modeling, penetration testing, and secure software development.Recent experience securing production workloads in public clouds (AWS, Google, Azure, other)Recent experience implementing federated IAM (e.g., RBAC, SSO, SAML, Shibboleth, Kerberos) with deep understanding of authz/authn problems and solutions.Professional experience developing applications using mainstream OO technologies (Go, C++ or Java)Excellent interpersonal skills and ability to work in crossfunctional, global environmentBSEE or equivalent, or equivalent practical experiencePreferred Current security certification (e.g., CISSP, CEH, CISA, CISM, SECURITY+, OSCP, CCSK/CCSP)Detailed knowledge of networking, storage and computing protocols and technologies.Recent experience evaluating tools (AFW, IDS/IPS, DLP, pen testing, static code analysis)Recent experience writing operational scripts in one of Ruby, Python or PerlFamiliarity with modern configuration mgmt tools (e.g., Puppet, Ansible, Chef or Salt)Familiarity with cloud orchestration tools (e.g., CloudFormation, Scalr, CloudFoundry)Familiarity with security technologies available in AWS, GCE, Azure and OpenStackFamiliarity with logging and monitoring concepts and technologies (ELK or Splunk)Familiarity with the principles of encryption, server certificates, and key managemenFamiliarity with tools for investigating network performance and connectivity