Job Directory Staff Cloud Security Engineer

Staff Cloud Security Engineer
Redwood City, CA

Companies like
are looking for tech talent like you.

On Hired, employers apply to you with up-front salaries.
Sign up to start matching for free.

About

Job Description

This is an exciting time for Shutterfly. In this position you will be an integral part of a developing and expanding Shutterfly's cloud security program. The Staff Cloud Security Engineer is a vital role that helps to provide assurance for Shutterfly's critical cloud resources. Your focus will be on helping to build and maintain a cloud security program for multiple public and private clouds.

Your primary duties and responsibilities will include:

* Design, develop and deploy secure cloud technologies and configuration best practices
* Hands-on coding/testing to assist in remediating security vulnerabilities in cloud infrastructure and processes
* Work with various teams across the enterprise to identify and resolve cloud security issues and make improvements to the architecture of our cloud stack
* Provide feedback in the early design phases of a project to improve overall cloud design
* Act as technical liaison between Information Security, development teams, architecture teams, platform teams and more
* Review and analyze existing processes and suggest improvements for increased security and efficiency
* Build and design secure processes and automation into key technology processes (CI/CD pipelines, image repositories, etc)
* Provide feedback and guidance for how to securely architect and implement solutions in major public cloud environments (AWS, Azure, Google)
* Provide recommendations for how to secure critical assets including containers, tasks, and exposed resources

Minimum Qualifications:

* 6-8 years working as a devops or cloud engineer and 1-3 years specifically in cloud security
* Hands on experience in both using and securing containerized systems and container registry solutions
* Familiarity with different source control solutions and CI/CD pipeline technologies including best practices for how to secure these solutions
* Experience in deploying and maintaining security controls in various public cloud environments (AWS, Azure, Google)
* Thorough understanding of pricing/cost models across cloud providers and services, and how security decisions can affect/impact cost
* Must be well organized, thrive in a sense-of-urgency environment, leverage best practices, and most importantly, innovate through any problem with a can-do attitude.
* Must have understanding of various systems technologies, architecture fundamentals, next-generation technology and very strong security understanding
* Experienced in training task/project-oriented contributors (devops, neteng, syseng, etc) to promote and integrate security into their solutions from the ground up
* Proven communication skills, the ability present information clearly and concisely to all levels of management both formally and informally
* Understand information security concepts, protocols, and industry best practices
* Relevant security or cloud certifications (SANS/GIAC, CISSP, CCSP, AWS certifications, etc.) or equivalent proven experience

Preferred Qualifications:

* Working knowledge of code versioning tools like Git and continuous delivery tools like Jenkins and Maven
* A history of uncovering and remediating cloud security and system security flaws
* A strong understanding of coding and scripting languages such as Java and Python and the ability to easily switch between a variety of languages quickly
* Must be comfortable operating in a Bash Shell environment
* Experience with one or more configuration mgmt tools such as Ansible, Chef or Puppet
* Experience performing internal architecture and engineering related assessments/reviews
* Extensive experience with AWS service offerings and related harding including, but not limited to, EC2, S3, VPCs, ALBs, Cognito, Security Groups, CloudWatch, SQS, SNS, Lambda, Kinesis, etc.
* Experience with VMWare, Vcenter and other internal private cloud technologies
* Strong understanding and experience with Terraform, CloudFormation, Docker, ECS, EKS, Kubernetes and other infrastructure as code repositories, containerization platforms and related tools
* Proven experience with cloud governance structure and facilitating the transition of on-prem workloads to the cloud
* Familiarity with cloud storage technologies such as S3, RDS, Dynamo, Aurora, etc
* Experience deploying and working with various cloud security augmentation technologies (monitoring tools, cloud security container solutions, code repo security tools, orchestration technologies, etc)
* Experience with software engineering best practices, such as agile methodologies, code reviews/Git pull requests and unit/functional testing
* A strong ability and willingness to learn and adapt new technologies is desired

#LI-HS1

Let your dream job find you.

Sign up to start matching with top companies. It’s fast and free.