Senior Cloud Security Engineer – FedRamp

🕒 vor 1 Monat

🤠 Texas – Remote

🤠 Texas – Remote

⏰ Vollzeit

🟠 Senior

👮‍♂️ IT-Sicherheitsingenieur

🦅 H1B-Visum-Sponsor

Dieses Unternehmen hat in der Vergangenheit H1B-Visa gesponsert.

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

Zimperium

WebsiteLinkedInAlle Stellen

201 - 500 Mitarbeiter

Gegründet 2010

🔒 Cybersecurity

🏢 Unternehmen

☁️ SaaS

💰 €12.000.000 Venture Round im 2018-11

Cybersecurity • Enterprise • SaaS

Zimperium ist ein führendes Unternehmen in der mobilen Sicherheitsbranche, spezialisiert auf mobile Endpunkt- und Applikationssicherheit. Sie bieten fortschrittliche Lösungen zum Schutz mobiler Geräte und Anwendungen, damit Unternehmen ihre mobilen Endpunkte sichern und sicheren Zugang zu sensiblen Daten und Systemen ermöglichen können. Die Plattformen von Zimperium integrieren sich in verschiedene Umgebungen, einschließlich Cloud, On-Premises und Air-Gapped-Setups, und gewährleisten kontinuierliche und beständige Sicherheit während der Entwicklung und Laufzeit. Das Unternehmen ist bekannt für seinen einzigartigen Fokus auf mobile Sicherheit und bietet Werkzeuge, die helfen, Datenverlust, Betrug und regulatorische Verstöße in mobilen Apps zu verhindern.

Beschreibung

• Design, implement, and manage security best practices and controls for services hosted across AWS, Azure, GCP, and OCI environments. • Act as the subject matter expert for security automation, leveraging CloudFormation and/or Terraform to deploy secure infrastructure consistently and at scale. • Implement and enforce rigorous security configuration benchmarks, specifically CIS Level 2 and DISA STIGs, across all compute environments, including various flavors of Linux and Kubernetes clusters. • Configure, manage, and optimize cloud-native and third-party security tools such as Palo Alto Prisma Cloud, Orca, Google SecOps, and Palo Alto Next Generation Firewalls. • Deploy and manage Web Application Firewalls (WAFs), including F5 and other cloud-native WAF solutions, to protect critical applications. • Integrate security testing tools (SAST, DAST, SCA) into CI/CD pipelines to enable "shift-left" security practices. • Design and maintain solutions for the secure storage and rotation of credentials, API keys, and secrets using tools like HashiCorp Vault or equivalent cloud-native services. • Conduct threat modeling and perform security reviews for new applications and services to proactively identify and mitigate risks in the design phase. • Participate in a rotating on-call schedule to address security incidents and operational issues promptly. • Support internal and external audits by generating evidence, writing detailed reports, and delivering clear, concise technical presentations to leadership. • Operate with minimal oversight, taking the initiative to identify and suggest security improvements and drive projects to completion.

🎯 Anforderungen

• 8+ years of progressive experience in IT, with at least 5 years dedicated to Cloud Security Engineering in a multi-cloud environment. • Expert-level proficiency in Infrastructure as Code (IaC) for security automation using Terraform and/or CloudFormation. • Deep practical experience securing at least three of the following major cloud providers: AWS, Azure, GCP, and OCI. • Proven expertise in system hardening using industry standards like CIS Level 2 and DISA STIGs. • Extensive experience with Linux administration and securing containerization technologies, specifically Kubernetes. • Hands-on experience with advanced security platforms, including at least two of the following: Palo Alto Prisma Cloud, Orca, Google SecOps, and Palo Alto Next Generation Firewalls. • Demonstrated experience with WAF solutions, such as F5 or equivalent cloud-native services. • Strong working knowledge of DevSecOps principles, including integrating security tools into CI/CD pipelines. • Proven experience with Secret Management solutions (e.g., HashiCorp Vault, AWS Secrets Manager). • Excellent written and verbal communication skills, including the ability to write executive-level reports and deliver technical presentations. • Proven ability to operate independently and take ownership of critical responsibilities.

🏖️ Vorteile

• Health insurance • Remote work options