Vacancy expired!
The Sr. Staff Cloud Security Architect owns the end to end design of complex, integrated, enterprise security solutions and deep integrations. Focus on solving business problems by designing a well architected, scalable, and extensible solution. aria-hidden="true" aria-hidden="true" Key senior individual contributor role in our Information Security team supporting IT to deliver solutions to many different business organizations within. aria-hidden="true" aria-hidden="true" Responsible for gathering business and technical requirements from our internal customers to design and help deliver secure solutions. aria-hidden="true" aria-hidden="true"
Experience aria-hidden="true" Demonstrates experience performing security design review of distributed systems and APIs aria-hidden="true" Served as a cloud security SME for high visibility cloud initiatives aria-hidden="true" Created security reference architecture for multi-tenant cloud initiatives aria-hidden="true" Detailed knowledge of cloud computing operations (SaaS, PaaS and IaaS) and how to secure them aria-hidden="true" Translated and applied compliance and security requirements into solutions aria-hidden="true" Demonstrated ability to collaborate with engineers to identify tradeoffs of different solutions and recommend the ideal design to meet security requirements aria-hidden="true" Experience in secure development especially in large, complex system environments aria-hidden="true" Deep understanding and experience securing CI/CD pipelines aria-hidden="true" Strong grasp of the shared responsibility model of cloud computing aria-hidden="true" Product security background preferred aria-hidden="true" aria-hidden="true" Key Responsibilities aria-hidden="true" Responsible for the end-to-end security architecture for cloud solutions involving multiple public cloud stacks (e.g. Azure, AWS, Google Cloud Platform) and internal cloud platforms aria-hidden="true" Responsible for delivering the detailed security architecture and design artifacts aria-hidden="true" Works closely with the security and business domain architects to ensure that platform specific solutions meet the needs of all functional, security requirements and architecture design aria-hidden="true" Communicates best practices and lessons learned and continuously updates the technical security architecture based on changing technologies in collaboration with other domains security architects aria-hidden="true" Recommends and designs the implementation of standards, tools, and methodologies aria-hidden="true" Assists with project level of effort estimations aria-hidden="true" Recommends and participates in ‘Proof of Concept’ meetings required to investigate technical possibilities to meet business needs aria-hidden="true" Develops security strategy and roadmaps to create technical solutions aria-hidden="true" Researches and keeps current on latest cloud security design patterns and cloud products aria-hidden="true" Ability to communicate and work seamlessly in a global team aria-hidden="true" Works with multiple multi-functional teams to support releases of varying size, complexity, and duration aria-hidden="true" aria-hidden="true" Qualifications: aria-hidden="true" Deep knowledge of cloud operational models and secure SaaS/PaaS/IaaS architectures in a world of containerized microservices aria-hidden="true" Experience with Docker and Kubernetes aria-hidden="true" Experience in applying security to cloud technologies (Data Encryption, Securing CI/CD pipeline, Secure Infrastructure as Code, Container Security, IAM) aria-hidden="true" Knowledge of primary Azure services or AWS/Google Cloud Platform analogues (Virtual machines/EC2, ELB, RDS, Route53/DNS, S3/Blob storage, Lambda/Functions, EKS/AKS) and IAM implementation aria-hidden="true" Expertise in cloud architecture and security fundamentals including containers, software-defined networks, high availability design, multi-cloud , and serverless compute aria-hidden="true" Knowledge of serverless computing/functions and how to protect them aria-hidden="true" Hands on experience in driving end to end security for cloud product - SAST, DAST, IAST, OSS scanning, security unit testing, and pen testing aria-hidden="true" Working experience in implementing security tooling in public cloud environment - SIEM, vulnerability and threat management, IDS, container workload protection, DLP, etc. aria-hidden="true" Thorough hands-on experience with CSPM and CWPP tools (ie: Prisma Cloud) aria-hidden="true" Expert in threat modeling and secure architecture review aria-hidden="true" 10+ years total experience and 4+ years in Cloud Security aria-hidden="true" Presenting security risks to wide audience including senior management aria-hidden="true" Familiarity with BeyondCorp or similar zero trust security models aria-hidden="true" aria-hidden="true" Desired Skills: aria-hidden="true" Experience designing and building security services in a SecDevOps cloud operations model aria-hidden="true" Knowledge of compliance requirements for industry standard certifications such as PCI DSS, SOC2, HIPAA, ISO-27001, FedRAMP aria-hidden="true" OWASP Top 10 web application security risks and remediations aria-hidden="true" TOGAF certification- ID: #49478318
- State: California Mountainview 94035 Mountainview USA
- City: Mountainview
- Salary: $90 - $107
- Job type: Contract
- Showed: 2023-03-15
- Deadline: 2023-04-25
- Category: Et cetera