Senior Cloud Infrastructure Engineer, Security

The Senior Cloud Infrastructure Engineer, Security serves as a critical member of the Security Vulnerability Management team, designing and assisting in the implementation of highly secure cloud environments. They champion security best practices, proactively identify and mitigate risks, vulnerabilities, security related misconfigurations and help guide the organization in aligning security with business goals. This role collaborates extensively with various teams, assists in incident response, and mentors others to elevate the organization's overall security posture.

You can work remotely for this opportunity.

Role:

• Work with SRE teams to design, implement, and maintain highly secure cloud and application infrastructure, emphasizing network segmentation, access controls, encryption, monitoring, vulnerability and patch management, among others.
• Advocate for security best practices and proactive threat mitigation throughout the organization.
• Develop and maintain cloud security standards, leveraging industry frameworks (NIST, CIS, etc.) and cloud provider recommendations.
• Evaluate designs and architectures for potential vulnerabilities, proposing risk mitigation measures.
• Ensure seamless integration of cloud security solutions across cloud and on-premise infrastructure.

What will make you successful:

• You have built strong relationships within SRE teams, enabling you to effectively champion security initiatives and drive organizational change. 
• You have achieved a deep level of understanding across all aspects of Lightspeed’s complex cloud environments.
• You are able to own and drive complex cloud security projects from concept to completion, working with and engaging stakeholders across the organization as necessary.
• Overall reduction in organizational risk due to improved cloud architecture, controls, and remediated vulnerabilities and risk assessments.

Experience:

• 7+ years of deep hands-on experience designing, implementing, and managing security within large-scale cloud environments (AWS, GCP, Azure, etc.).
• Bachelor's degree or equivalent experience in computer science, cybersecurity, network engineering, or a similar field.
• Significant experience aligning systems with regulations (PCI DSS, SOC2, etc.) and conducting risk assessments.
• AWS Certified Security Specialty, Azure Security Engineer, Google Cloud Certified Professional Security Engineer, or equivalent. 
• Demonstrated ability to lead cross-functional initiatives.
• Conduct regular risk and vulnerability assessments of cloud infrastructure, applications, and data.
• Identify, prioritize, and triage vulnerabilities based on severity and potential impact.
• Work closely with cloud architects, engineers, developers, and operations teams to provide guidance and recommendations for improving security posture based on vulnerability assessment findings.
• Participate in incident response, and assist in remediation efforts.
• Research, assess, and select security tools and technologies best suited for the organization's vulnerability management program.
• Partner/mentor fellow security team members, fostering expertise across multiple cloud environments (AWS, GCP, Azure).
• Identify and work to develop automation to detect, alert and protect against malicious activities.
• Generate reports and metrics to track vulnerability trends, remediation progress, and compliance with security standards.

And a little bit of.... 

• On-call availability for incident response.
• Contributing as part of the wider team to achieve organizational objectives even if this means doing things that aren’t strictly within the scope of your role.

What do you need to succeed here?

• Experience with Application Vulnerability Management, SAST, and DAST.
• Experience with Vulnerability Management tools such as Rapid7 InsightAppSec,  Snyk, Github, Crowdstrike Falcon Cloud and Endpoint Security. 
• Expert-level understanding of cloud technologies (AWS, Azure, GCP, etc.) and security principles.
• Extensive knowledge of security principles, access controls (IAM), network security, encryption, vulnerability management, threat modelling, and incident response.
• Expertise in designing and implementing cloud security architectures.
• Expertise in security frameworks, regulations, and compliance requirements.
• Strong analytical and problem-solving skills.
• Excellent communication and leadership abilities.
• Excels in cross-functional collaboration.
• Ability to adapt to a complex and ever-changing environment.