Proactively partner with infrastructure, application engineering, and data analytics teams to define, promote, and implement security best practices that improve the security posture of our infrastructure.
Work closely with business units, product teams, DevOps engineers, and SREs to embed security requirements and controls into DevOps environments and cloud platforms (AWS and GCP).
Architect, configure, operate, and maintain infrastructure, network, and supporting software related to cloud and application infrastructure.
Represent the Security Team in Security and Change Management Review Boards, providing expert guidance and technical leadership.
Act as a hands-on technical Security SME, handling complex technical work to establish and maintain secure cloud environments.
Lead major initiatives and projects aimed at improving security posture, contributing to the continuous improvement of Guidewire’s security program.
Mentor and guide junior team members, fostering knowledge sharing and skill development.
Contribute to advancing security domain knowledge across Guidewire through publications and presentations.
Provide on-call support and collaborate with the Incident Response Team.

Requirements

5-7 years of experience building and operating secure infrastructures, with a focus on Information Security and DevSecOps.
Deep understanding and hands-on experience with secure product development, threat modeling, secure design principles, secure coding, network security, identity management, authentication, encryption, container security (EKS, ECS), penetration testing, code analysis, security testing, risk assessment, and incident response.
Strong knowledge of attacker tools, techniques, and processes, and a broad array of defenses and mitigations.
Familiarity with enterprise security controls and best practices for Windows, Linux, and Mac systems.
Proficiency in core security concepts, including cloud (AWS required, GCP preferred), networking, and architecture.
Experience collaborating with product and DevOps engineers/SREs on security requirements in DevOps and cloud environments.
Excellent communication, collaboration, and interpersonal skills, with the ability to articulate complex security concepts in simple business terms.
Ability to lead major initiatives and projects, collaborate with stakeholders across geographies, and coach junior engineers.

Benefits

Flexible work environment
Health and wellness benefits
Paid time off programs including volunteer time off
Market-competitive pay and incentive programs
Continual development and internal career growth opportunities

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

Information SecurityDevSecOpssecure product developmentthreat modelingsecure design principlessecure codingnetwork securityidentity managementencryptionpenetration testing

Soft Skills

communicationcollaborationinterpersonal skillstechnical leadershipmentoringknowledge sharingcoachingarticulating complex concepts