We seek a highly skilled and experienced Staff Security Engineer specializing in Cloud Security with expertise in implementing Kubernetes. As a critical member of our security team, you will play a crucial role in enhancing our overall security posture, ensuring compliance with industry standards, and contributing to the seamless integration of security into our cloud environment.
What will you do?
- Network Policies Implementation:
- Design, implement, and manage network policies within Kubernetes to enhance security controls.
- Collaborate with cross-functional teams to ensure network policies align with overall security strategies.
Cloud Security Expertise:
- Possess in-depth knowledge and hands-on experience with cloud platforms such as AWS, GCP, or Azure.
- Implement and optimize security controls specific to each cloud provider.
Security Testing:
- Drive the implementation of Dynamic Application Security Testing (DAST) within the cloud environment.
- Conduct regular security assessments to identify vulnerabilities and provide actionable recommendations.
MTLS Implementation:
- Spearheaded the implementation of Mutual Transport Layer Security (MTLS) to strengthen communication security.
- Collaborate with development and operations teams to ensure smooth integration.
CIS Benchmarking:
- Implement and enforce CIS benchmark standards for Kubernetes and cloud environments.
- Perform regular audits to validate compliance and address any deviations.
Shift Left Security:
- Advocate for and implement Shift Left Security practices to integrate security throughout the entire software development lifecycle.
- Collaborate with developers to embed security into the CI/CD pipeline.
Static Application Security Testing (SAST):
- Drive the implementation of SAST tools to identify and address security vulnerabilities in the source code.
- Guide development teams on secure coding practices.
Enterprise Readiness:
- Work closely with stakeholders to enhance security measures that align with enterprise goals.
- Contribute to initiatives to achieve higher Annual Recurring Revenue (ARR) through improved security practices.
Execution and Improvement:
- Take a hands-on approach to executing security initiatives, ensuring timely and effective implementation.
- Continuously evaluate and improve security processes and procedures to adapt to evolving threats.
What makes you a great match for us? 😍
- Strong expertise in cloud security, focusing on AWS, GCP, or Azure.
- Proven experience in implementing and managing Kubernetes within a cloud environment.
- Familiarity with network policies, MTLS, CIS benchmarks, and security testing methodologies.
- Experience with Shift Left Security and a proactive approach to integrating security into development processes.
- Excellent communication skills and the ability to collaborate with cross-functional teams.
- Demonstrated ability to contribute to enterprise-level security strategies.