Cloud Security Lead DevOps Engineer
We are seeking an experienced Cloud Security Lead DevOps Engineer to support our mission of providing secure, reliable, and innovative cloud solutions.
* Collaborate with Developers to build a world-class infrastructure that meets customer security and uptime requirements.
* Act as a key contributor to the development of developer and CI/CD processes to improve developer agility and code quality.
* Approve release for CI/CD DevSecOps (implementation engineering).
* Manage CI/CD and pipeline for incident response.
* Lead CSO incident response, drive recovery activities, and support post-incident processes.
* Manage mission-critical cloud-based production systems; proactively take action if/when systems are down or there are interruptions in service; root cause and implement corrective actions to build long-term customer loyalty.
* Develop and improve processes and procedures for the CSO team.
* Ensure compliance with Service Level Agreements (SLA), process adherence.
* Create compliance reports, support the audit process, and measure CSO performance metrics.
* Help to identify emerging technologies & security practices that can enhance our offering to customers.
* Be passionate about security, automation, quality, and reliability.
Required Skills:
* Knowledge of AWS and its associated technologies, both from Security and Cloud Ops perspective.
* Knowledge of Terraform.
* Experience analyzing vulnerabilities from 3rd Party scanning, determining remediation, and implementing fixes in lower environments, then validating and deploying to Production.
* Experience with Incident Management and crisis management.
* Maintain smooth operation of multi-user computer systems, including coordination with network, software, and system engineers, PC desktop technicians, project managers, end users, and IT management.
* Recommend and implement system enhancements to improve performance and reliability, including installing, upgrading/patching, monitoring, problem resolution, and configuration management.
* Experience with Azure Security Center, Google Cloud Security.
* Understanding of networking systems, security vulnerabilities, exploits, and attacks.
* Basic understanding of threat frameworks such as ATT&CK.
* Understanding of Risk Management principles.
* Experience in building, configuring, operating, and securing cloud infrastructure and applications in a CSP using native capabilities or third-party tools.
* Ability to independently assess risks and identify vulnerabilities, suggest new processes, policies, and security controls.
* Ensure new releases are compatible, aligned with CSO strategy, and properly onboarded to operations.
* Develop and document technical processes and procedures; provide technical support for queries and issues.
Preferred Qualifications:
* Minimum 3+ years in Cloud Technologies, preferably AWS.
* Minimum 3+ years with deployment orchestration systems such as Kubernetes, ECS, and Elastic Beanstalk.
* Minimum 2+ years with CI/CD tools like CircleCI or Jenkins.
* Minimum 2+ years with Docker and Docker-Compose.
* Minimum 4+ years with configuration management and automation tools (e.g., Puppet, Ansible, Chef, CloudFormation, SaltStack, Terraform).
* Strong Linux system administration experience.
* Strong programming experience in at least one language (Python, Node.js, Java, Go, C/C++, Ruby).
* Experience with logging and monitoring tools such as ELK, DataDog, NewRelic, LogEntries, SumoLogic.
* Able to participate in 24/7 incident response escalation.
* Strong written and verbal communication skills.