Cloud Security Engineer

Kubra - Tempe, AZ

posted 2 months ago

Full-time - Mid Level
Tempe, AZ
Professional, Scientific, and Technical Services

About the position

KUBRA is in growth mode and currently seeking a Cloud Security Engineer to join our DevSecOps Team! The Cloud Security Engineer will be responsible for enhancing and validating the confidentiality, integrity, and security of KUBRA's cloud systems and platforms as well as securing development processes and workflows within KUBRA. This is a hybrid role working out of our Tempe office. In this role, you will perform security assessments of KUBRA systems, applications, and infrastructure, providing written reports and recommendations for management review. You will also conduct and review vulnerability assessments, including Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST). Building and maintaining security tools with an emphasis on automation will be a key part of your responsibilities. You will liaise with internal and external stakeholders to ensure security and compliance of all KUBRA-owned computing systems and applications. Additionally, you will provide architectural security guidance to the DevOps team building cloud infrastructure in compliance with industry standards such as PCI-DSS, NIST, CIS, and OWASP in public cloud environments. You will build threat models and security reporting tools, work with the KUBRA Risk team to support risk assessments by providing mitigations to identified risks, and help build appropriate threat models for the KUBRA Cloud Platform. Collaborating with the KUBRA Security team, DevOps, and Platform Engineering teams to maintain vulnerability and patch management processes in line with KUBRA security policy will also be part of your role. You will implement security-related services and processes using Infrastructure as Code (IaC) and ensure compliance of all KUBRA-owned Cloud systems and applications. The ideal candidate will maintain awareness of trends and changes in the Cybersecurity industry and threat landscape, possess excellent written and verbal communication skills, and have the ability to influence others, build relationships, manage conflicts, and handle pressure while focusing on results. Excellent organization, time management, problem-solving, and analytical skills are essential for success in this role.

Responsibilities

  • Perform security assessments of KUBRA systems, applications, and infrastructure providing written reports and recommendations for management review.
  • Conduct and review vulnerability assessments (including DAST and SAST).
  • Build and maintain security tools with an emphasis on automation.
  • Liaise with internal and external stakeholders to ensure security and compliance of all KUBRA owned computing systems and applications.
  • Provide architectural security guidance to DevOps team building cloud infrastructure in compliance with industry standards (PCI-DSS, NIST, CIS, OWASP) in public cloud environments.
  • Build threat models and security reporting tools.
  • Work with KUBRA Risk team to support risk assessments by providing mitigations to identified risks.
  • Work with KUBRA Risk team to build appropriate threat models for KUBRA Cloud Platform.
  • Collaborate with KUBRA Security team, DevOps, and Platform Engineering teams to maintain vulnerability and patch management processes in line with KUBRA security policy.
  • Implement security related services and processes using IaC.

Requirements

  • Experience in public cloud is required: AWS (Required), Azure/GCP (Optional).
  • 2+ years of experience in Cyber Security roles with a preference in engineering.
  • Experience working with software development or DevOps teams is preferred.
  • Experience in systems or network administration is preferred.
  • Experience working with industry standard regulations and compliance frameworks (PCI-DSS, ISO, NIST, SANS, SOX, SOC II, HIPAA).
  • Proficiency in a wide range of public cloud technologies (ex. AWS EC2, EKS, EBS, RDS, S3, etc.).
  • Proficiency in Infrastructure as Code (IaC) technologies such as CloudFormation or Terraform.
  • Scripting and automation skills highly preferred (APIs, Python, Bash, PowerShell, Go).

Nice-to-haves

  • Experience working with software development or DevOps teams is preferred.
  • Scripting and automation skills highly preferred (APIs, Python, Bash, PowerShell, Go).

Benefits

  • Award-winning culture that fosters growth, diversity and inclusion for all.
  • Paid day off for your birthday.
  • Free LinkedIn Learning subscription.
  • Bi-annual performance-based bonuses.
  • Continued education with our education reimbursement program.
  • Flexible schedules.
  • Free unlimited access to our refreshment stations (fully stocked with tea, coffee and other beverages).
  • Two paid days for volunteer opportunities.
  • Free on-site Fitness center.
  • Access to a 'Tickets at Work' membership.
  • A free premium membership for 'Headspace'; an app geared towards mental health and wellbeing.
  • 401k Matching.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service