Key skills
PythonAWSAzureGCPTerraformKubernetesCloudFormationIAMMongoDBCloud Security
About this role
MongoDB is a company that empowers customers and employees to innovate rapidly. They are seeking a highly skilled Cloud Security Engineer to design, implement, and manage security solutions, collaborating with cross-functional teams to enhance cloud security posture.
Responsibilities:
- Secure cloud environments across AWS, Azure, and GCP with a focus on IAM, preventative controls, and resource permissions
- Automate the deployment and maintenance of security solutions and tooling using Terraform, CloudFormation, and Python
- Drive our enterprise cloud strategy in order to empower the business while protecting critical assets and data with appropriate security measures
- Design and implement security solutions to address gaps in the organization’s cloud security posture
- Conduct security assessments on cloud services, identifying misconfigurations, excessive permissions, and potential risks
- Partner with detection engineering and incident response teams to create new alerting and investigation capabilities
- Provide subject matter expertise to support cross-functional teams in the deployment and management of their cloud services and solutions
Requirements:
- At least 5 years of Cloud Security experience
- Subject matter expertise in securing infrastructure at scale in an enterprise environment in AWS and preferably one additional cloud provider (Azure or GCP)
- Strong understanding of IAM and data protection in cloud environments
- Experience using infrastructure-as-code, such as CloudFormation and Terraform, to deploy and manage solutions in cloud environments
- Experience with using scripting languages such as Python and/or orchestration tools such as Tines to automate and integrate different components and/or services
- The ability to perform security reviews of architectures and products, identify gaps and weaknesses present, and recommend controls to address them
- Experience helping to craft and deliver policies to drive the organization's security posture forward
- The ability to convey complex technical issues to a variety of audiences of different levels of technical expertise and experience
- Enthusiasm about partnering with stakeholders across the business to deliver impactful solutions for the wider company
- Comfortable working in a team and providing constructive, actionable feedback as needed
- Be a US Citizen
- Kubernetes and container security experience
- Experience with security incident response in cloud environments
- Experience with CSPM tooling
- Cloud Provider Certifications, such as AWS Certified Solutions Architect, AWS Certified Security Specialty, Google Associate Cloud Engineer, Google Professional Cloud Security Engineer, Microsoft Azure Administrator Associate, and/or Microsoft Azure Security Engineer Associate
- Infrastructure Automation Certifications from Hashicorp