Staff Security Engineer

Stelle nicht auf LinkedIn

🕒 vor 1 Monat

🇺🇸 Vereinigte Staaten – Remote

⏰ Vollzeit

🔴 Experte

👮‍♂️ IT-Sicherheitsingenieur

🦅 H1B-Visum-Sponsor

Dieses Unternehmen hat in der Vergangenheit H1B-Visa gesponsert.

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

DDN

WebsiteLinkedInAlle Stellen

1001 - 5000 Mitarbeiter

Gegründet 1998

🤖 Künstliche Intelligenz

💰 €10.000.000 Funding Round im 2011-06

Artificial Intelligence • Data Center and Cloud Computing • High Performance Computing

DDN ist ein globaler Marktführer für Lösungen im Bereich Datenintelligenz für KI und bietet Technologien für High-Performance Computing (HPC) sowie anspruchsvolles Datenmanagement. Mit dem Fokus, KI-Implementierungen und fortgeschrittene Datenanalysen zu beschleunigen, unterstützen die Produkte von DDN – darunter die Data Intelligence Platform und hochentwickelte Speichersysteme – vielfältige Branchen wie Gesundheitswesen, Finanzdienstleistungen und den öffentlichen Sektor. DDN hat sich der Transformation der Unternehmensdateninfrastruktur verschrieben, um das volle Potenzial von KI auszuschöpfen und die operative Effizienz zu steigern.

Beschreibung

• Lead the design and implementation of end-to-end security architecture for distributed storage platforms, including S3-compatible systems, POSIX-compliant file systems, and KV cache–based data services • Partner closely with Data Path engineering teams to ensure secure, high-performance data movement across storage tiers, including encryption, integrity validation, and secure I/O handling • Lead threat modeling, security reviews, and Secure Software Development Lifecycle (SSDLC) practices across the platform • Define identity and access management (IAM) integrating enterprise identity providers such as LDAP, Active Directory, OIDC, and Keycloak, supporting SSO, MFA, and federation • Architect fine-grained authorization models using RBAC and ABAC across tenants, datasets, and resources • Design multi-tenant isolation mechanisms across namespaces, policies, encryption boundaries, and resource quotas, enforcing least privilege and segregation of duties • Collaborate with Control Plane teams to define secure APIs, authentication and authorization workflows, policy enforcement, and tenant lifecycle management • Work with Protocol and Ecosystem teams to secure S3 and POSIX/NFS interfaces, including request signing, session management, and endpoint security • Define and enforce encryption strategies for data at rest and in transit, including tenant-specific keys and dataset-level encryption policies • Drive observability and monitoring strategies to detect anomalous behavior, abnormal access patterns, and potential data exfiltration across the platform • Provide technical leadership and mentorship across cross-functional engineering teams, guiding secure design and implementation practices.

🎯 Anforderungen

• Bachelor’s or Master’s degree in Computer Science, Engineering, or a related field • 12+ years of experience in security architecture, infrastructure security, or distributed systems • Proven experience designing security for large-scale distributed systems or storage platforms • Strong understanding of data path vs. control plane architectures and their security implications • Deep expertise in encryption technologies, key management systems, and cryptographic frameworks • Experience integrating with external KMS solutions using KMIP or similar protocols • Strong knowledge of identity and access management (IAM), including RBAC, ABAC, SSO, MFA, and federation • Experience working with enterprise identity providers such as LDAP, Active Directory, and OIDC • Familiarity with secure API design, TLS 1.3, mutual TLS, and request signing mechanisms (e.g., SigV4) • Experience designing multi-tenant systems with strong isolation and policy enforcement • Knowledge of logging, auditing, and SIEM integration for security monitoring and compliance • Ability to collaborate effectively with protocol, storage, and platform engineering teams.

🏖️ Vorteile

• Competitive salary • Flexible working hours • Professional development budget • Home office setup allowance • Global team events