Senior Cloud Security Engineer, DevSecOps - San Jose CA

Senior Cloud Security Engineer, DevSecOps
Denver, San Antonio, San Francisco, San Jose 

Description

Technology has changed our expectations of how we live, work, communicate.  Learners expect education to be engaging and inspiring. They expect digital learning to be as responsive, secure,  fast and effective as the other apps in their pocket - Facebook, iTunes.  They expect to have access to learning anytime, anyplace, any device and get help when they need it - Consumer Grade without being a target of cyber attacks. 

One of biggest investments is in a new digital platform - the Global Learning Platform - which will fundamentally change the way we design, develop and deliver learning experiences, enabling new business models.  The Global Learning Platform will provide engaging, responsive, and personalized learning experiences to students everywhere. The cloud security team will drive all aspects of design, build, operate and assess across cloud-based digital platforms and products.

Responsibilities 
As a direct report to the Director, Product Information Security Officer (PISO), you will have the following responsibilities:
  • Work closely with product and platform teams to engineer and implement cloud security controls with a focus on DevSecOps
  • Snr Cloud Security DevSecOps Engineer  will fundamentally change the way security processes and tools are integrated within DevOps 
  • Implement a tools-driven and highly automated approach to deliver our key security management processes by exploiting investment in existing tooling (e.g. ServiceNow, Chef, Splunk) and/or identify new tooling.
  • Design and implement AWS/Cloud-based DevSecOps  processes and tools
  • Develop procedures to automate security tasks during code builds and deployments
  • Respond to and, when appropriate, resolve or escalate security incidents
  • Report unresolved security exposures, misuse of resources, and noncompliance situations using defined escalation processes.
  • Assist and train team members in the use of cloud security tools and the resolution of security issues
  • Develop and maintain documentation for security systems and procedures
  • Collaborate with the Ops team to build infrastructure and servers on AWS
  • Lead AWS Cloud DevSecOps  engineering integrations with platforms such as SPLUNK ES, Threat Analytics, and UEBA 
  • Evaluate and recommend  use of ML, AI, and data analytic services to enable action based events and triggers
  • Actively involved in  cloud environment  threat hunting using manual and automated tools
  • Build working relationships with corporate technology and business teams
  • Build security utilities and tools for internal use that enable you and your fellow Security Engineers to operate at high speed and wide scale.
  • Evaluate security technologies for cloud environments in order to implement controls in the most streamlined and integrated manner
  • Deploy automated security solutions for cloud delivery processes
  • Develop cloud security solutions to enable production security operations (SOC)
  • Deploy compliance solutions for  large-scale cloud environments using container and microservice technologies
  • Develop security and compliance capabilities in support of DevOps processes
  • Develop & deploy automated solutions to secure cloud development processes
  • Craft and evangelize secure cloud platform & product requirements
  • Communicate security risks and solutions to business partners, platform & product teams
  • Embrace a culture of continuous service improvement and service excellence
  • Stay current on security industry trends

Qualifications 
  • Overall 6 years experience in Technology with extensive experience in cloud solutions (AWS, OpenStack)
  • Minimum 4 years of experience with implementing and automating Cloud DevSecOps including technologies such as SPLUNK ES, Twistlock, CloudPassage and threat intel platforms
  • Extensive experience in cloud based DDoS protection services such as AWS Advanced Shield and Akamai
  • Experience working in an IT Security Operations Center
  • Experience with SIEM, IPS/IDS, security operations, incident analysis, incident handling, vulnerability management or testing, log analysis, and forensics
  • In depth understanding of possible attack activities such as network probing/ scanning, DDOS, malicious code activity and possible abnormal activities, such as worms, Trojans, viruses, etc.
  • Solid understanding of Amazon Web Services (AWS) including VPC, ELB, IAM, KMS, EC2, Config, CloudTrail, CloudFormation, Lambda, and others
  • Knowledge of network based, system level, and application layer attacks and mitigation methods
  • Extensive Experience working with container technology including F and Kubernetes
  • Experience in DevOps environments and maintaining security in CI/CD processes
  • Experience with the development, deployment, and automation of security solutions in an enterprise cloud based environment
  • Strong knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security
  • Ability to clearly and effectively communicate concerns, issues to other teams
  • Experience in developing, documenting, and maintaining security procedures
  • Proficient in AWS CLI, Bash, and Python
  •  Bachelor's Degree in Computer Science or related field or equivalent experience.
  •  Experience with custom development using AWS integration technologies, Python, Java/EE, JSON, SAML, XACML, SCIM.
  • Experience in virtualization, Cloud Formation, Python in building hybrid cloud models with security layered in for groups, policies is critical for individual's hands-on expertise.
  • Real time scalability and highly available solutions leveraging functions like Lambda, AWS Auto Scaling and Cloud Formations.
  • Source code management tools such as BitBucket
  • Skilled in HTML/CSS, JSON, REST, HTTP, Python, Java/EE, SAML, XACML, SCIM
  • AWS certification along with other security certifications such as CISSP, SSCP is a plus
  • Actively Participate in data design sessions
  • Hands-on knowledge on DevOps methodologies and tools like SVN/GIT, Jenkins, JIRA, confluence, various monitoring/alerting tools;
  • Building CICD pipelines
  • Knowledge of security within pipelines
  • Automating security within pipelines 
  • Integration of SAST/DAST tools into Pipelines
  • Continuous security testing & validation in Pipeline 

Please present resumes to:

Carmen Lapham

Carmen@mhrpartners.com



Want to apply later?

Type your email address below to receive a reminder

ErrorRequired field

Apply to Job

ErrorRequired field
ErrorRequired field
ErrorRequired field
Error
Error
insert_drive_file
insert_drive_file