Strengthening the resilience and enhancing the security posture of the foundational platform.
Executing impactful projects across the organization.
Ensuring the integration of and compliance with security best practices, frameworks, and regulations.
Automate security controls and monitoring.
Develop technical solutions to prevent or mitigate security vulnerabilities.
Maintain technical & security standards for production and corporate infrastructure services.
Collaborate with security management professionals, legal teams, and internal auditors on technical security matters.
Work with platform engineering teams to balance security with other requirements.
Review architecture proposals and propose security controls to minimize risks.
Requirements
Strong understanding of core computer security concepts and the ability to explain and apply them, including the CIA triad, principle of least privilege, authentication vs. authorization, cryptography, security protocols, application security, and related topics.
Experience with standard software development tools such as Git, GitHub, CI/CD tools (GitHub Actions), and shell scripting
Programming experience with one or more programming languages including but not limited to Go, Python or TypeScript
Experience using and configuring public cloud infrastructure platforms (GCP, Google Workspace, AWS, Azure), as well as container technologies (Docker, Kubernetes) and Infrastructure as Code (Terraform)
Experience with UNIX-like systems (i.e. Linux, macOS) configuration, administration and hardening as well as knowledge of basic POSIX command line utilities
Preferred Experience/Skills
4+ years of experience in security domains
Bachelor's degree in Computer Science or equivalent practical experience
Familiarity with cloud and web application architecture and best practices
Familiarity with secure software development lifecycle (Secure SDLC, SLSA).
Knowledge of SQL (BigQuery, Postgres, etc)
Familiarity with applied cryptography (key management, TLS, PKIs, KMSes, etc)
Familiarity with networking
TCP/UDP, DNS, HTTP
Experience with configuring identity federation (OIDC, SAML)
Familiarity with PCI-DSS or other information security or privacy standards.