WHAT YOU’LL DO
- Lead threat modeling and security reviews across Wiz's products and cloud infrastructure, identifying attack surfaces and developing scalable mitigation strategies
- Build automation, policy-as-code, and security tooling that enables development teams to "shift left" and integrate end-to-end security into their workflows
- Design and implement secure baselines for cloud resources and Kubernetes-based infrastructure
- Drive vulnerability management and remediation efforts – prioritizing issues, implementing mitigations, and designing strategic preventative controls in software supply chains from development through production
- Extend our detection and response capabilities – building scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents
- Collaborate with our Wiz Federal team – extending our DevSecOps and Product Security practices to Wiz's FedRAMP environment and ensuring it meets key security requirements
- Build deep functional partnerships with Wiz's engineering and operations teams – helping them deliver secure-by-design solutions
WHAT YOU’LL BRING
- 7+ years of experience in security engineering or security operations work in cloud environments, with a focus on the following:
- Strong AWS cloud security experience (we will also consider equivalent experience in Azure and GCP)
- Cloud-native Kubernetes services (EKS/GKE/AKS) and strong container security principles
- Deep understanding of securing IAM and cloud identities at scale
- Proven ability to lead technical security reviews of products and architectures, conduct threat modeling exercises, and translate findings into actionable security controls
- Practical understanding of web application security concepts (such as OWASP Top-10 and similar)
- Hands-on experience with IaC and related tools (Terraform, CloudFormation, Helm, Pulumi)
- Experience with automation and tooling development in one or more: Python, Go, Shell, HCL, Rego
PREFERRED QUALIFICATIONS
- Bachelor's degree in computer science or a related field, and/or equivalent job experience in lieu of a degree
- Experience working with remote, globally distributed teams
- Experience working in organizations that develop software and/or operate managed infrastructure and technology services for their own customers
- Experience with CNAPP, CSPM, or CIEM solutions
For this position, you may be required to provide evidence that you meet EAR part 772 and ITAR 120.15 definition of a U.S. person (Any individual who is granted U.S. citizenship; or, any individual who is granted U.S. permanent residence (green card holder); or, any individual who is granted status as a “protected person”) and that you reside in the contiguous United States.