You will be part of our distributed devops and infrastructure team to develop secure designs and help monitor cloud infrastructure and app security. You must have prior experience in secure development in large, complex system environments. This role requires a good understanding of various standards such as SOC2, NIST, FedRAMP, along with an understanding of the Security, Availability, Confidentiality, Processing Integrity, and Privacy Trust Service Principles.
- You will be responsible for supporting the security, governance, risk, and compliance initiatives and for performing the key ongoing activities needed to attain and maintain attestations such as SOC2 and FedRAMP for a suite of SaaS products.
- You will be responsible to monitor cloud infrastructure for both secure design as well as performing regular scans and monitoring for any security alerts/vulnerabilities.
- Develop software/scripts to support running these initiatives and work with the devops team.
- Bachelor's or Master’s degree in a related field or equivalent work experience
- Minimum 4 years of experience operating in production environments with public cloud infrastructure
- SecDevOps Experience (desirable). Must be able to develop software to run/monitor security compliance
- Experience with security tools and penetration testing
- Experience with SOC2 and FedRAMP reporting engagements, and Security, Availability, Confidentiality, Privacy, and Processing Integrity Trust Service Principles
- Experience with securing Cloud Infrastructure like AWS, GCP
- Experience with container orchestration frameworks like Kubernetes
- Ability to adapt in a dynamic work environment, learn quickly, solve problems and make decisions with minimal supervision