Principal Information Security Engineer

About Commvault 

Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience. The company empowers customers to uncover, take action, and rapidly recover from cyberattacks – keeping data safe and businesses resilient. The company’s unique AI-powered platform combines best-in-class data protection, exceptional data security, advanced data intelligence, and lightning-fast recovery across any workload or cloud at the lowest TCO. For over 25 years, more than 100,000 organizations and a vast partner ecosystem have relied on Commvault to reduce risks, improve governance, and do more with data. 

JOB DESCRIPTION:

The Opportunity...

Commvault seeks a Principal Information Security Engineer to help develop and grow its Enterprise Cloud Security Center.  The candidate will plan, implement and monitor the tool stack used to secure Commvault's cloud infrastructure. They will drive efforts to both "Shift-Left", and "Look-Right"  from our CSPM.  They will provide expert security advice on both generic best practices and specific technical guidance on securing network, compute, and storage infrastructures implemented in various Cloud Service Providers. The candidate will shape and potentially drive vulnerability remediation campaigns, and recommend proactive measures to prevent the recurrence of such vulnerabilities.  Finally, the candidate will ensure maximum functionality of the tool stack through integration with supporting IT platforms such as IAM, Inventory Management, and other supporting services and technologies.

What you'll do...

• Maintain CSPM tool stack health, work with allied cloud operations teams to ensure connections into monitored clouds are healthy

• Develop and expand tool stack reach and capabilities by deploying agents, gathering new log sources, or integrating with allied security and IT Services platforms and tools

• Serve as cloud security expert to assess technical risk, and drive targeted risk reduction campaigns through other security teams, and non-security stakeholders

• Work with Security Engineering team to integrate CSPM and allied security tools

• Work with Cloud Operations and IT Services teams to ensure integration and inter-operation with Cloud Infrastructure administration and IT Services

• Work with development teams to integrate CSPM with development tool stack to "Shift Left"

• Provide forward-looking threat analysis by  continuously assessing the cloud landscape for relevant trends and emergent threats

• identifying new technologies, tools or capabilities we need to stay ahead of the security curve

Who you are...

• Must have 8+ years' experience working in cloud generally (CloudOps, DevOps, etc.), with 3-5 years of that focused on cloud security

• Must have deep experience with Azure or AWS, preference given to Azure

• Should have some experience with a second major cloud provider (Azure, AWS, GCP, or OCI)

• Operational experience in IT infrastructure, Application Development, or Network Administration is a bonus

Hard Skills/Knowledge

• Must have Engineering skills necessary to establish and maintain the health of the cloud security tool stack

• Must have Scripting competency with a utility scripting language (Perl or Python or similar language)

• Must have Programming/Scripting competency with Infrastructure-as-Code (IaC), Terraform preferred

• Must have a good understanding of RESTful API's

• Must have Expert knowledge of cloud security vulnerabilities and configuration best practices

• Must have Expert security knowledge of Azure or AWS cloud services in particular

• Nice to have knowledge of one or more vendor-neutral cloud security frameworks (CSA, NIST, ISO)

• Must be willing to gain competence in other clouds (Azure, AWS, GCP, OCI, Ali Baba)

Soft Skills

• Ability to work with and communicate with audiences of all technical levels, from experts to non-technical laymen

• Ability to analyze data, identify trends

• Ability to analyze vulnerability trends and create policies to prevent future vulnerabilities

• Self-starter & Self-educator

• Partner, not Subordinate

Education/Certification:

• Preference given to certification in either Azure or AWS

• Nice to have one or more vendor neutral security certification (CISSP, Security+, CCSP, CCSK)

Meet the Hiring Manager: Erik Winberg, Senior Manager, Information Security

Why You'll Love Working Here:

• Continuous professional development, product training and career pathing

• An inclusive company culture, opportunity to join our Community Guilds

• Generous Global Benefits

• Employee Stock Purchase Plan

#LI-JS1

#LI-Remote

Thank you for your interest in Commvault. Total compensation for this role is market competitive, and within the below base salary range:

We’re proud to offer competitive benefits that care for you and your family through our 401K plan, health benefits (including medical, dental, and vision available for families and domestic partners), and pet insurance for your furry family members. You can also find the details of our U.S. benefits by visiting benefits.commvault.com.

Commvault is an equal opportunity workplace and is an affirmative action employer. We are always committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status and we will not discriminate against on the basis of such characteristics or any other status protected by the laws or regulations in the locations where we work.

Commvault’s goal is to make interviewing inclusive and accessible to all candidates and employees. If you have a disability or special need that requires accommodation to participate in the interview process or apply for a position at Commvault, please email accommodations@commvault.com For any inquiries not related to an accommodation please reach out to wwrecruitingteam@commvault.com.

For our Candidates to prioritize your security: 

Commvault has been made aware of email and/or text correspondence scams that falsely state that the senders are from the Commvault HR team and/or a member of our leadership team. The scammers even conduct false interviews via email or text and then request personal information (name, address, birthdate, social security number, etc.) when returning the signed offer letter. Please note that Commvault does not conduct interviews by email or text, and we will never ask you to submit a W4 via email or prior to your first day of employment. 

If you think you have been targeted in this recruiting scam, please reach out to us at wwrecruitingteam@commvault.com. You can also find more tips about job scams and how to avoid them on the FTC’s website.