We come from places like Facebook, Google, Yahoo!, VMware, Turn, Cloudera, and Quora to solve problems of building, scaling, and running modern infrastructure and applications. Our team has built these kinds of solutions before, to the scale of hundreds of thousands of systems that serve hundreds of millions of users. We’re putting that experience to work in the belief that everyone, at every company, should have access to the same kind of capabilities as web scale organizations. We believe in transparency, initiative and respecting every individual.
Joining the Security Team:
SignalFx is seeking a hands on Cloud Architecture Security Engineer (AWS/GCP/Azure) to define and manage SignalFx cloud infrastructure security strategy. In this role you will partner with engineering and product management on implementing cloud infrastructure security best practices, review AWS/GCP/Azure configurations, manage existing and implement new security monitoring tools. Furthermore, you will be responsible for security incident prevention, detection and response across our corporate, production and cloud environments. You will report directly to the CSO and work closely with Application Security Engineer and Security Compliance Manager.
Roles and Responsibilities:Provide hands-on leadership and own overall cloud infrastructure security programDevelop, evangelize and enforce security configuration and architecture standards/design patterns across SignalFx technology stack (container and container orchestration, host, server, network, AWS/GCP/Azure)Identify security flaws in current cloud infrastructure and provide remediation guidanceManage continuous internal and external vulnerability scans; partner with engineering on vulnerabilities remediationReview and triage alerts from various cloud infrastructure monitoring toolsDrive execution of security engineering work - remediations, bug fixes, implementation of controls, etc.Contribute to handling security incidentsResearch emerging security standards and best practices, security monitoring systems, encryption technologies, authentication protocols, etc.
Required Experience:3 + years of experience in cloud infrastructure security (AWS/GCP/Azure)Hands-on experience in defensive security - host based security, applied cryptography, protocols, network security, privileged access management etc.Experience securing AWS/GCP/Azure based DevOps environments, including but not limited to security of different AWS/GCP/Azure services, secure design of VPC architectures, best practices for IAM configuration and security of data at rest/in-transit within or across AWS accounts, etc.Experience designing and implementing access control models for privileged access in fast paced cloud environmentsExperience defining technical security policies, requirements and designing controls to enforce those policiesStrong people leader - must be able to lead the and influence cross-functional leaders and executivesWorking knowledge of AWS security controlsExperience working in a fast-moving environment