Staff Security Engineer

Emploi pas sur LinkedIn

🕒 il y a 1 mois

🇺🇸 États-Unis – Télétravail

⏰ Temps Plein

🔴 Expert

👮‍♂️ Cybersécurité / Ingénieur Sécurité

🦅 Parrain de Visa H1B

Cette entreprise a parrainé des visas H1B par le passé.

Postuler Maintenant

Trouver des Emplois à Distance Similaires

Recevoir des emails pour des emplois à distance

📊 Vérifiez votre score de CV pour ce poste

Améliorez vos chances d'obtenir un entretien en vérifiant votre score de CV avant de postuler.

Télécharger le CV

DDN

Site WebLinkedInTous les Emplois

1001 - 5000 employés

Fondée en 1998

🤖 Intelligence artificielle

💰 €10 000 000 Funding Round en 2011-06

Artificial Intelligence • Data Center and Cloud Computing • High Performance Computing

DDN est un leader mondial des solutions de Data Intelligence pour l’IA, offrant des technologies de calcul haute performance (HPC) et de gestion avancée des données. Axés sur l’accélération des déploiements d’IA et de l’analytique avancée, les produits de DDN, dont la Data Intelligence Platform et des systèmes de stockage avancés, servent des secteurs variés tels que la santé, les services financiers et le secteur public. DDN s’engage à transformer l’infrastructure data des entreprises afin d’exploiter tout le potentiel de l’IA et d’améliorer l’efficacité opérationnelle.

Description

• Lead the design and implementation of end-to-end security architecture for distributed storage platforms, including S3-compatible systems, POSIX-compliant file systems, and KV cache–based data services • Partner closely with Data Path engineering teams to ensure secure, high-performance data movement across storage tiers, including encryption, integrity validation, and secure I/O handling • Lead threat modeling, security reviews, and Secure Software Development Lifecycle (SSDLC) practices across the platform • Define identity and access management (IAM) integrating enterprise identity providers such as LDAP, Active Directory, OIDC, and Keycloak, supporting SSO, MFA, and federation • Architect fine-grained authorization models using RBAC and ABAC across tenants, datasets, and resources • Design multi-tenant isolation mechanisms across namespaces, policies, encryption boundaries, and resource quotas, enforcing least privilege and segregation of duties • Collaborate with Control Plane teams to define secure APIs, authentication and authorization workflows, policy enforcement, and tenant lifecycle management • Work with Protocol and Ecosystem teams to secure S3 and POSIX/NFS interfaces, including request signing, session management, and endpoint security • Define and enforce encryption strategies for data at rest and in transit, including tenant-specific keys and dataset-level encryption policies • Drive observability and monitoring strategies to detect anomalous behavior, abnormal access patterns, and potential data exfiltration across the platform • Provide technical leadership and mentorship across cross-functional engineering teams, guiding secure design and implementation practices.

🎯 Exigences

• Bachelor’s or Master’s degree in Computer Science, Engineering, or a related field • 12+ years of experience in security architecture, infrastructure security, or distributed systems • Proven experience designing security for large-scale distributed systems or storage platforms • Strong understanding of data path vs. control plane architectures and their security implications • Deep expertise in encryption technologies, key management systems, and cryptographic frameworks • Experience integrating with external KMS solutions using KMIP or similar protocols • Strong knowledge of identity and access management (IAM), including RBAC, ABAC, SSO, MFA, and federation • Experience working with enterprise identity providers such as LDAP, Active Directory, and OIDC • Familiarity with secure API design, TLS 1.3, mutual TLS, and request signing mechanisms (e.g., SigV4) • Experience designing multi-tenant systems with strong isolation and policy enforcement • Knowledge of logging, auditing, and SIEM integration for security monitoring and compliance • Ability to collaborate effectively with protocol, storage, and platform engineering teams.

🏖️ Avantages

• Competitive salary • Flexible working hours • Professional development budget • Home office setup allowance • Global team events