About the position
As a senior member of the Globus Operations team, reporting to the System and Security Operations Manager, the focus of this position is to ensure security is comprehensively and effectively integrated into both our software services and AWS cloud infrastructure. The Globus platform is a hybrid solution that combines AWS-hosted orchestration services with installable applications, enabling seamless integration into customer environments. It offers a range of capabilities, including identity and access management, data transfer and sharing, and task automation, delivered as both software-as-a-service (SaaS) and platform-as-a-service (PaaS). This position will architect, implement, and operate a resilient Cloud infrastructure to ensure high-security, high-performance, high-availability and scalability for Globus platform services. We're looking for a talented senior DevSecOps engineer who can effectively work across teams to integrate security into new and existing software and infrastructure services as well as be an evangelist and educator of security best practices.
Responsibilities
- Lead the implementation and monitoring of Globus' security procedures and controls, including creating audit reports to meet target security compliance standards.
- Integrate security features into the software development life cycle, as well as existing services and infrastructure.
- Identify potential threats and vulnerabilities early in the development process through techniques like STRIDE and implement mitigating strategies.
- Lead the definition and documentation of Cloud infrastructure architecture, including security, monitoring, logging, and deployment strategies, for the production and development environments.
- Deploy, operate, monitor, and maintain production Globus services for high availability.
- Assist in addressing operational issues and troubleshooting as a technical consultant and resource for other team members.
- Design new systems, features, and tools, solving complex problems and identifying opportunities for technical improvement and performance optimization.
- Utilize technical knowledge of existing and emerging technologies, including public cloud offerings from Amazon Web Services, Microsoft Azure, and Google Cloud.
- Perform other related work as needed.
Requirements
- Minimum requirements include a college or university degree in related field.
- Minimum requirements include knowledge and skills developed through 5-7 years of work experience in a related job discipline.
Nice-to-haves
- Strong understanding of security concepts, including threat modeling, risk assessment, and vulnerability management.
- Knowledge of the SDLC and experience integrating security best practices at every process stage.
- Understanding cloud security principles, including secure architecture design and configuration management.
- Knowledge of container security principles relating to Docker and AWS ECS.
- Good analytical problem-solving skills to scrutinize and solve very intricate security problems with effective solutions.
- System Administration, Operations Monitoring, Application Performance Monitoring, Logging, Incident and Problem Management.
- Use operational tools and monitoring platforms to gain in-depth knowledge, understanding, and ongoing system availability, performance, and capacity.
- Define requirements and develop tools and reporting as needed by projects and operations.
Benefits
- Health insurance
- Retirement plans
- Paid time off
- Flexible working hours
- Remote work options
- Professional development opportunities
