Staff Security Engineer

Vaga não está no LinkedIn

🕒 Abril 20

🇺🇸 Estados Unidos – Remoto (EUA)

⏰ Tempo Integral

🔴 Especialista

👮‍♂️ Cibersegurança / Engenheiro de Segurança

🦅 Patrocina Visto H1B

Esta empresa já patrocinou vistos H1B no passado.

Candidatar-se

Encontrar Vagas Remotas Similares

Receber Emails de Vagas Remotas

📊 Verifique sua pontuação de currículo para esta vaga

Melhore suas chances de conseguir uma entrevista verificando sua pontuação de currículo antes de se candidatar.

Enviar Currículo

DDN

SiteLinkedInTodas as Vagas

1001 - 5000 funcionários

Fundada em 1998

🤖 Inteligência Artificial

💰 $10.000.000 Funding Round em 2011-06

Artificial Intelligence • Data Center and Cloud Computing • High Performance Computing

DDN é líder global em soluções de inteligência de dados para IA, fornecendo tecnologias de computação de alto desempenho (HPC) e gestão sofisticada de dados. Com foco em acelerar implantações de IA e análises avançadas de dados, os produtos da DDN, incluindo a Data Intelligence Platform e sistemas de storage avançados, atendem a setores diversos como saúde, serviços financeiros e governo. A DDN está comprometida em transformar a infraestrutura de dados das empresas para aproveitar todo o potencial da IA e impulsionar a eficiência operacional.

Descrição

• Lead the design and implementation of end-to-end security architecture for distributed storage platforms, including S3-compatible systems, POSIX-compliant file systems, and KV cache–based data services • Partner closely with Data Path engineering teams to ensure secure, high-performance data movement across storage tiers, including encryption, integrity validation, and secure I/O handling • Lead threat modeling, security reviews, and Secure Software Development Lifecycle (SSDLC) practices across the platform • Define identity and access management (IAM) integrating enterprise identity providers such as LDAP, Active Directory, OIDC, and Keycloak, supporting SSO, MFA, and federation • Architect fine-grained authorization models using RBAC and ABAC across tenants, datasets, and resources • Design multi-tenant isolation mechanisms across namespaces, policies, encryption boundaries, and resource quotas, enforcing least privilege and segregation of duties • Collaborate with Control Plane teams to define secure APIs, authentication and authorization workflows, policy enforcement, and tenant lifecycle management • Work with Protocol and Ecosystem teams to secure S3 and POSIX/NFS interfaces, including request signing, session management, and endpoint security • Define and enforce encryption strategies for data at rest and in transit, including tenant-specific keys and dataset-level encryption policies • Drive observability and monitoring strategies to detect anomalous behavior, abnormal access patterns, and potential data exfiltration across the platform • Provide technical leadership and mentorship across cross-functional engineering teams, guiding secure design and implementation practices.

🎯 Requisitos

• Bachelor’s or Master’s degree in Computer Science, Engineering, or a related field • 12+ years of experience in security architecture, infrastructure security, or distributed systems • Proven experience designing security for large-scale distributed systems or storage platforms • Strong understanding of data path vs. control plane architectures and their security implications • Deep expertise in encryption technologies, key management systems, and cryptographic frameworks • Experience integrating with external KMS solutions using KMIP or similar protocols • Strong knowledge of identity and access management (IAM), including RBAC, ABAC, SSO, MFA, and federation • Experience working with enterprise identity providers such as LDAP, Active Directory, and OIDC • Familiarity with secure API design, TLS 1.3, mutual TLS, and request signing mechanisms (e.g., SigV4) • Experience designing multi-tenant systems with strong isolation and policy enforcement • Knowledge of logging, auditing, and SIEM integration for security monitoring and compliance • Ability to collaborate effectively with protocol, storage, and platform engineering teams.

🏖️ Benefícios

• Competitive salary • Flexible working hours • Professional development budget • Home office setup allowance • Global team events