Cloud Cyber Security Engineer

About the position

We are seeking a full-time Cloud Cyber Security Engineer in our Olathe, KS location. In this role, you will be responsible for ensuring adherence to Garmin's cloud information security strategy, programs, and best practices. The selected individual will take an active role in the design and implementation of technical cloud security controls (CNAPP, CSPM, CWPP), threat management, vulnerability management, cloud platform protection controls, and logging. Cloud Security Engineer 2 is considered an expert in cloud security. They must respond promptly and effectively to possible breaches of security in the Garmin cloud ecosystem.

Responsibilities

• Serve as a technical resource in cloud services running on Azure and/or AWS
• Provide security-focused technical guidance to engineers running services in the public cloud
• Partner with the business to ensure services deployed in the cloud are secure, available, and meet Garmin and regulatory requirements for security
• Provide expertise in operating and utilizing advanced cloud security tools, including cloud native application protection platform (CNAPP) tooling, to identify, analyze, and prevent public cloud exploits
• Provide technical guidance in automating manual tasks with at least one scripting language Python, PowerShell, or BASH
• Provide technical guidance in utilizing IAC templates such as JSON, ARM, Bicep, Cloud Formation
• Perform in-depth security assessment testing for Garmin's cloud platforms, cloud compute, repositories, and containers on a global scale
• Perform regular security audits from both a hands-on and theoretical standpoint
• Provide technical guidance on modern security, infrastructure, software development, and application technologies
• Support security capabilities for microservice and cloud-native applications in a CI/CD automated, multi-tenant application environment
• Automate deployments through CI/CD tools such as GitHub Actions and Jenkins
• Utilize and secure code and image repositories such as GitHub, Bitbucket, Harbor, Docker Hub, ACR, and ECR
• Operate and secure enterprise level container-based systems in public and private cloud environments (EKS, AKS, OpenStack, Docker, CRI-O, Kubernetes, etc.)
• Deploy, manage, and secure public cloud infrastructure such as network, storage, databases, compute, and application load balancing
• Provide technical knowledge, training, and mentoring to junior members to improve the overall capabilities of the team
• Provide technical guidance on special projects concerning cloud information security, including identifying new solutions, testing, and implementation of security capabilities
• Utilize program and project management best practices to drive large-scale projects to completion
• Identify associate development and training needs to raise the skill level of cyber security associates
• Participate in the evaluation, cost analysis, and vendor comparisons for new and existing security tooling
• Communicate effectively regarding system operations and environment changes
• Participate and adhere to SOX, PCI, and other regulatory requirements as dictated
• Ensure that all security requirements are met or exceeded
• Provide technical guidance and contributions in defining team roadmap and priorities
• Develop reliable solutions to complex problems which require the regular use of ingenuity and creativity
• Develop a broad understanding of Garmin's business model, including Engineering, Operations, Finance, Sales and Marketing
• Research new technologies and propose cost effective solutions

Requirements

• Bachelor's Degree in Computer Science, Information Technology, Management Information Systems, Business or related field AND a minimum of 2 years relevant experience OR an equivalent combination of education and experience
• Demonstrated experience with public cloud services, with a focus on security
• Demonstrated experience with container-based platforms and related services
• Demonstrated experience with developer tooling such as code repositories and CI/CD platforms
• Demonstrated strong and effective verbal, written, and interpersonal communication skills in a small team setting
• Must be team-oriented, possess a positive attitude and work well with others
• Driven problem solver with proven success in solving difficult problems
• Excellent time management and follow-up skills
• Consistently demonstrates quality and effectiveness in work documentation and organization

Nice-to-haves

• In-depth working knowledge of cloud environments and security principles
• Certifications in public cloud technologies (Azure Solutions Architect Expert, AWS Solutions Architect Associate, etc.)
• Certifications in cybersecurity (CISSP, CCSP, etc.)