Staff Security Engineer

Staff Security Engineer.

Location: #Charlotte, NC.
Salary: Competitive.
Employer: Intuit Credit Karma.

Responsibilities:
• Lead strategic initiatives to mitigate and remediate security risk across the organization.
• Implement & Instrument security controls and tooling across cloud infrastructure to uplevel the security posture.
• Work on a cloud native environment leveraging Containerized Workloads, Serverless Architecture and Automated CICD Pipeline to manage Infrastructure-as-a-Service.
• Perform Scripting and Coding to build security tooling and for automating redundant tasks.
• Use terraform to deploy security baseline controls, perform code reviews, and provide recommendations for improved security.
• Research and advocate new technologies, architectures, and security products that will support security strategies, patterns, and standards and help address new threat vectors
• Lead Applied Cryptography function focussed on PKI, Key Lifecycle Management and Secrets/Vault Management in a distributed and multi-tenant environment.
• You will be working on at least 2-3 vertical domains within Security Engineering- Applied Cryptography, IAM, Network Security, Vulnerability Management or Detection & Response Engineering.
• Operate in a Tier 0 environment with a rigor and discipline to handle rotational on call and incident response.
• Define, document and implement security standards, guidelines and procedures for secure operations in a cloud infrastructure environment.

Requirements:
• 10+ years of experience in Security Engineering building, operating and architecting a combination home grown and vendor solutions.
• Strong understanding of Computer Engineering with a focus on Security, Infrastructure, Platform, IAM and Application (Cloud, Containerization, Container orchestration, Network, Application Reliability, Database Architecture).
• Demonstrable knowledge of Network Architecture, web application security, and experience supporting multi-tier web application architectures.
• Experience running Infrastructure at scale; utilizing Configuration Management and automation to ensure idempotency, ephemerality, security, and reliability.
• Experience operating Tier 0 Systems in Production which are customer and revenue impacting.
• Expertise in at least 2-3 vertical domains within security engineering is a big plus - Applied Cryptography, IAM, Network Security, Vulnerability Management or Detection & Response Engineering.
• Professional knowledge of Golang, Java or other higher-level OOP languages.
• Professional experience with Kubernetes, Helm, Terraform and CI/CD toolsets.
• Familiar with SRE and Devsecops methodologies and passionate about solving operation problems by utilizing automation and software.
• Ability to communicate effectively vertically and horizontally within the organization via demonstrated written and verbal communication skills.

⚡ Показать контакты

#Офис #ИБ