Security Design Reviews/Threat Models: Ensure security guardrails are integrated into our platforms by conducting thorough reviews of design, implementations and code
Collaboration and Engineering Guidance: Provide proactive guidance and education to platform engineering and product teams on available security controls and their appropriate use to help prevent vulnerabilities, striving for secure by default paradigms
Partner with platform engineering and product teams to identify the appropriate remediations and compensating controls, sometimes getting creative when the “textbook remediation” is not viable
Expertise in Cloud Security: Serve as a trusted advisor, offering cloud security expertise to enable platform engineering and product teams to make informed decisions
Automated Analysis and Secure Frameworks: Scale security efforts by integrating automation for the identification, prioritization, and remediation of vulnerabilities
Empower platform engineering teams through automation, security guidance, tooling, patterns, and training to scale security practices across the organization
Partner with application security and incident response teams to identify and implement security tooling to detect security vulnerabilities and risks at scale
Lead by example and be a champion of all company policies, including safety, attendance & security

Requirements

3+ years of experience in Cloud Security, with a focus on securing AWS and GCP environments
Proficient in Terraform analysis and knowledgeable about common cloud security vulnerabilities/misconfigurations
Working knowledge of one or more general purpose programming/script languages, preferably Python
Excellent problem-solving skills, with the ability to work independently and handle multiple tasks
The ability to drive clear next steps when encountering ambiguous spaces without clear lines of ownership
Experience with cloud security testing tools and methodologies (CSPM, Penetration Testing)
Familiarity with major compliance frameworks, such as PCI, NIST, ISO, SOX, and experience assisting in audits
Bachelors in CS, Cybersecurity or related fields and certifications such as GCIH, CISSP, CSSLP, GSSP or any other professional or Specialty AWS certification (e.g., AWS Solutions Architect Professional or Security Specialty) is good to have.

Benefits

Health Insurance: All full-time employees are eligible to enroll in Medical, Dental, and Vision
Additional Benefits: Full-time employees are eligible for fertility, commuter, and educational assistance benefits
401(K) Matching Plan: We are proud to offer a competitive 401k matching plan to our employees to support their future financial goals
Vacation: All salaried employees are eligible for flexible time-off
Holiday Pay: All regular, full-time employees are eligible for ten company paid holidays
Employee Discounts: Employees receive discounts on select grading services for approved submissions
Flexible Hours: Many of our teams offer flexible schedules with varying shifts and will work with you to accommodate your needs
Fun Working Environment: Our team members are invited to participate in celebrations, holiday events, and team building activities

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Cloud SecurityAWSGCPTerraformPythonCSPMPenetration Testingsecurity toolingvulnerability remediationautomated analysis

problem-solvingindependent workmulti-taskingdriving clear next stepscollaborationguidanceeducationcreativityleadershipchampioning policies

GCIHCISSPCSSLPGSSPAWS Solutions Architect ProfessionalAWS Security Specialty