What you’ll do:
Design, implement, and maintain security controls across multi-cloud infrastructures and applications.
Conduct risk assessments and security reviews of cloud deployments based on Infrastructure as Code (IaC).
Collaborate with developers and operations teams to ensure comprehensive security measures for services are in place.
Provide guidance and support to team members and other stakeholders on security best practices.
Conduct security reviews of product features, new technologies, and applications to ensure they meet security requirements.
Work with development and operations teams to implement secure coding practices and deployment processes.
Collaborate with other security teams to resolve security issues and implement security improvements.
Lead security projects and initiatives across environments to enhance the platform’s security.
Formulate, characterize, and design multi-cloud architectures (AWS, Azure, GCP).
Implement cloud architectures on a variety of components and technological services.
Research and explore new opportunities, initiatives, and technologies emphasizing security.
Conduct threat modeling and risk assessments for product features, including secure design reviews to ensure security practices are integrated
At least 2+ years of experience with AWS, GCP, or Azure.
Strong knowledge and experience with DevOps practices and tools, such as CI/CD, Infrastructure services, and IAC.
In-depth knowledge of security best practices and technologies, including encryption, identity and access management, and network security.
Experience with securing orchestration technologies such as Kubernetes.
Proficiency with cloud security tools such as CSPM, CWPP, etc.
Strong communication and collaboration skills, with the ability to work effectively with cross-functional teams.
Experience in leading security projects across complex multi-cloud architectures.
Experience developing automation and scripting processes based on Infrastructure as Code (such as Terraform or Python).
Industry certifications such as the Certified Cloud Security Professional (CCSP) or Certified Information Systems Security Professional (CISSP) are preferred.
