Information Security GRC Program Senior Manager directing security governance, risk, and compliance functions at Kemper. Leading a team to ensure audits, exams, and control frameworks are maintained effectively.
About the role
- Senior Cloud Security Engineer enhancing cloud security measures for Iterable's customer engagement platform. Collaborating across teams to identify vulnerabilities and drive architectural improvements in security.
Responsibilities
- Review system designs and implementations, and consult with engineers across the organization to identify and/or avoid security issues through alignment with security standards and best practices, document and ensure security issues are appropriately remediated
- Leverage subject matter expertise of systems and infrastructure to propose solutions and drive architectural improvements which address classes of security vulnerabilities
- Develop and implement cloud and infrastructure security architecture and contribute to overall strategy and roadmap plans
- Participate in the selection, design, development, implementation, and management of automated security testing tools, such as cloud security posture management and image vulnerability scanners
- Implement solutions that integrate into CI pipelines to shift security as far left as possible and raise concerns early to engineering teams.
- Promote DevSecOps principles and implement Infrastructure as Code (IaC) scanning and policy enforcement to ensure deployments via Terraform, AWS CloudFormation, or similar, are secure and compliant with standards and guidelines
- Coordinate and participate in penetration tests of our cloud services
Requirements
- 5+ years hands-on-keyboard in Cloud Security, SRE, DevOps, DevSecOps, or Infra Engineering.
- Strong working knowledge of Kubernetes and ecosystem tools such as helm, ArgoCD.
- Production experience with AWS services, particularly AWS Organizations, AWS Identity (SSO), Identity and Access Management (IAM), Service Control Policies (SCPs), Virtual Private Clouds, Elastic Load Balancers, AWS CloudTrail, and Security Groups.
- Proficiency with Terraform.
- Experience developing custom actions or workflows in Github or Gitlab.
- Solid understanding of cloud security vulnerabilities defense techniques and security best practices, including AWS security practices and present-day threats.
- Proficiency in a high level programming language, such as Python or Go.
- Familiarity with policy management tools such as OPA or Kyverno.
Benefits
- Competitive salaries, meaningful equity, & 401(k) plan
- Medical, dental, vision, & life insurance
- Balance Days (additional paid holidays)
- Fertility & Adoption Assistance
- Paid Sabbatical
- Flexible PTO
- Monthly Employee Wellness allowance
- Monthly Professional Development allowance
- Pre-tax commuter benefits
- Complete laptop workstation
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Associate Director ICT Security overseeing the cybersecurity strategy and team leadership at PFH Technology in Dublin. Ensuring compliance and security in Ireland’s healthcare infrastructure.
VG
Senior Consultant focused on ISMS, BCM, and cybersecurity compliance at VICCON GmbH. Leading projects and collaborating with clients to enhance their information security and resilience.
GSS Officer at Itad supporting safety, security, and travel policies. Overseeing risk management and collaborating with project teams for operational support.
Install and manage fall protection systems at height, ensuring compliance with safety standards. Leadership required in overseeing teams and project delivery at construction sites.
Security Design Lead in Rabobank's cybersecurity team, designing secure technology solutions for food & agribusiness banking. Collaborating across teams to ensure robust security implementations.
Identity Security Posture Management Specialist enhancing identity security posture at Kemper Insurance. Collaborates across teams to tackle identity risks and compliance challenges in a high - performing culture.
Zscaler Engineer responsible for maintaining cybersecurity tools and developing integrations at HP. Collaborating across teams to enhance data loss prevention strategies and monitor industry threats.
Senior Manager overseeing Security Risk Management at First American. Leading enterprise policies, third - party vendor security, and security strategy execution.
Principal Architect developing cybersecurity strategy for Ensemble's technology - enabled revenue cycle management solutions. Focus on securing cloud architectures and ensuring information assurance in healthcare.