Jack Henry & Associates is a leader in the fintech industry, seeking a Senior Cloud Security Engineer with expertise in DevSecOps and multi-cloud security engineering. This role focuses on embedding security throughout the CI/CD lifecycle and building scalable cloud-native guardrails to secure critical cloud workloads.
Responsibilities:
- Researches, recommends and implements changes to enhance network security as part of our cloud infrastructure transformation
- Design security solutions that maintain security and compliance within public cloud while ensuring alignment of technology to business strategy
- Develop and understand JHA's public cloud strategic roadmap and continuously identify gaps in cloud security program coverage
- Work with the Digital Cloud DevOps team to integrate and operationalize security within their workflows
- Participate and collaborate in project level architecture reviews and vendor selection recommendations
- Assist in creating security architecture documentation based on specifications
- Review security design to discover any errors or confirm the design meets required specifications
- Build and maintain secure CI/CD workflows using GitHub Repositories, GitHub Actions, GitHub Docs, and GitOps operating patterns
- Champion and implement Security as Code principles from design through deployment
- Engineer and operate Cloud Security Posture Management (CSPM) solutions across AWS, Azure, and Google Cloud Platform
- Build, test, validate, and promote cloud security controls into production workloads
- Perform ongoing cloud control effectiveness evaluations and contribute to ICS security architecture
- Use Terraform to build, deploy, and manage cloud security infrastructure and guardrail configurations
- Develop automation using Python to support monitoring, remediation, CI/CD integrations, and guardrail enforcement
- Performs other duties as assigned
Requirements:
- Minimum of 6 years of experience in software development, DevOps, or Infrastructure as Code
- Building and maintaining secure CI/CD workflows using GitHub Repositories, GitHub Actions, GitHub Docs, and/or GitOps operating patterns
- Cloud Security Posture Management (CSPM) Engineering
- Hands-on experience deploying and managing containerized applications
- Practical experience in declarative service infrastructure environments, specifically using Terraform
- Experience in an AWS, Azure, and/or Google Cloud Platform cloud environment
- Experience managing production environments in Google Cloud Platform (Google Cloud Platform)
- Support cloud security architecture decisions, threat modeling engagements, and change control processes
- Implement serverless automated remediation using AWS Lambda, Azure Functions, and Google Cloud Platform Cloud Functions
- Mentor and coach junior and mid-level engineers
- Lead design discussions, perform peer reviews, and provide guidance on best practices
- Maintain engineering documentation, runbooks, diagrams, and GitHub-based developer guidance
- Production Programming Experience in Go or Python
- Familiarity with operating in a Unix/Linux shell
- Industry Certification in Google PCSE, AWS Security, AZ-500, CKS, CCSP, CISSP, CCSK