Position. Staff Security Engineer (Cloud Security, Kubernetes)

About the Role
We are seeking a highly skilled and experienced Staff Security Engineer with a specialization in Cloud Security and expertise in implementing Kubernetes. As a critical member of our security team, you will play a crucial role in enhancing our overall security posture, ensuring compliance with industry standards, and seamlessly integrating security into our cloud environment.

Key Responsibilities

1. Network Policies Implementation. Design, implement, and manage network policies within Kubernetes to enhance security controls. Collaborate with cross-functional teams to ensure alignment with overall security strategies.
2. Cloud Security Expertise. Possess in-depth knowledge and hands-on experience with cloud platforms such as AWS, GCP, or Azure. Implement and optimize security controls specific to each cloud provider.
3. Security Testing. Drive the implementation of Dynamic Application Security Testing (DAST) within the cloud environment. Conduct regular security assessments to identify vulnerabilities and provide actionable recommendations.
4. MTLS Implementation. Spearheaded the implementation of Mutual Transport Layer Security (MTLS) to strengthen communication security. Collaborate with development and operations teams to ensure smooth integration.
5. CIS Benchmarking. Implement and enforce CIS benchmark standards for Kubernetes and cloud environments. Perform regular audits to validate compliance and address deviations.
6. Shift Left Security. Advocate for and implement Shift Left Security practices to integrate security throughout the software development lifecycle. Collaborate with developers to embed security into the CI/CD pipeline.
7. Static Application Security Testing (SAST). Drive the implementation of SAST tools to identify and address security vulnerabilities in the source code. Guide development teams on secure coding practices.
8. Enterprise Readiness. Work closely with stakeholders to enhance security measures aligning with enterprise goals. Contribute to initiatives aiming to improve security practices and increase Annual Recurring Revenue (ARR).
9. Execution and Improvement. Take a hands-on approach to executing security initiatives, ensuring timely and effective implementation. Continuously evaluate and improve security processes and procedures to adapt to evolving threats.

Qualifications

• Strong expertise in cloud security, focusing on AWS, GCP, or Azure.
• Proven experience in implementing and managing Kubernetes within a cloud environment.
• Familiarity with network policies, MTLS, CIS benchmarks, and security testing methodologies.
• Experience with Shift Left Security and proactive integration of security into development processes.
• Excellent communication skills and ability to collaborate with cross-functional teams.
• Demonstrated ability to contribute to enterprise-level security strategies.

If you are a passionate and skilled Cloud Security Engineer with expertise in Kubernetes and a desire to enhance our security landscape, we encourage you to apply and join our dynamic team.