Job responsibilities
- Engages technical teams and business stakeholders to discuss and propose technical approaches to meet current and future cybersecurity needs
- Defines the technical target state of their cybersecurity product and drives achievement of the strategy
- Identifies opportunities to eliminate or automate remediation of recurring issues to improve overall cybersecurity of software applications and systems
- Leads evaluation sessions with external vendors, startups, and internal teams to drive continuous improvement and assess cybersecurity design and technical credentials for use in existing systems and architecture
- Leads communities of practice to drive awareness and use of new and leading-edge cybersecurity technologies
- Adds to team culture of diversity, equity, inclusion, and respect
Required qualifications, capabilities, and skills
- Formal training or certification on Cybersecurity concepts and 5+ years applied experience
- Experience with Terraform and scripting. Hands on experience in architecting, securing, and operating one or more major Cloud technologies (AWS/Azure), with a focus on Security
- Experience designing and establishing baselines and prove security posture against implemented controls along with, risk management processes, principles, architectural requirements, engineering, threats and vulnerabilities, threat intelligence and application security.
- Experience with creating Threat Models and understanding risks associated with complex cloud architectures.
- Understanding of software development lifecycle including design, implementation, and delivery. Practice of Continuous Integration and Continuous Delivery
Preferred qualifications, capabilities, and skills
- Information security professional certifications encouraged, such as CISSP, CCSP, SANS GIAC, AWS Security etc
- Familiarity with Docker, Kubernetes, Micro-services, Kafka, cloud, virtualization, APIs, and modern software languages, understanding or have experience with Agile and lean philosophies
- Able to deliver complex solutions that are easy to repave, automate, as well as with very strong resiliency capabilities. Experience performing root cause analysis of Production incidents and recommending tactical and strategic solutions to SRE teams.
- Experience with common application flaws, and how to fix them.
- Penetration testing experience