Key skills
Cloud-Native Security ArchitectTerraformKubernetesAWSGCPAzureSecurity toolsCloud securityProgramming languagesNetworking protocolsCommunication skillsCollaborative skillsServerlessCommunicationNetwork SecurityCloud Security
About this role
Incode is the leading provider of world-class identity solutions that is reinventing the way humans authenticate and verify their identities online. As a Cloud Security Engineer, you will design and operationalize a cloud security program that protects Incode’s multi-cloud environments, ensuring they are resilient and secure by default.
Responsibilities:
- Discover the top security challenges we face and partner with teams across the company to be hands-on in implementing your security recommendations
- Build security controls that detect, prevent, and correct cloud vulnerabilities in our very complex, multi-cloud, hybrid and private cloud environment
- Architect and design infrastructure to support the security team’s mission and ensure well-architected fundamentals (logging, identity and access controls, etc)
- Build, deploy, and manage production security tools and services to monitor networks, endpoints, and cloud workloads
- Build, maintain and evolve a reliable and low-touch infrastructure using technologies such as Terraform, Kubernetes, and immutable images
- Facilitate the security baked into our cloud infrastructure for our applications and customer data
- Contribute changes to production security infrastructure and platforms (e.g., configure GuardDuty or AWS Config, Kubernetes, VPNs, Secrets Manager, etc)
- Help your peer engineers grow their own security reasoning and knowledge
Requirements:
- 5+ years experience deploying and securing services on public cloud infrastructure
- Detailed understanding of cloud and network security
- Detailed understanding of Kubernetes components and cloud-native security
- Fluency in one or more programming or scripting languages
- Experience building, deploying, and customizing security tools to address threats and lower risk: CSPM, vulnerability scanners, static analyzers, web application firewalls, IDS/IPS, endpoint security monitoring, etc
- Knowledge of networking and web protocols (TCP/IP, HTTP, TLS, REST), and the ability to analyze traffic to find anomalies
- Depth and experience in modern cloud technology components and deployment patterns: virtual machines, containers, Kubernetes, serverless, infrastructure as code, etc
- Depth and experience with at least one common cloud service provider: AWS, GCP, Azure
- Understanding of security weaknesses, exploits, attacks and mitigations
- Outstanding written and verbal communication
- Experience with most of the following: AWS security tools (GuardDuty, AWS Config, CloudTrail), Terraform, Kubernetes, Containers, Open Policy Agent, Secrets Management, SIEM
- Excellent collaborative skills