Product Security Engineer

Benefits

  • 💸
    Plenty o’ paid time off

    Team members start with 3 weeks of paid time off.

  • 📚
    Education coverage

    Get up to $1,000 a year in skill development covered.

  • 🏝
    Get paid to take a break

    Get a $1,000 bonus the first time you take a vacation that's 5 days or longer.

  • 🧘🏾
    A big focus on health

    $200 monthly wellness stipend, to be used for whatever wellness means for you.

Web Spiders is seeking a Product Security Engineer, to join a project for our Global MNC Client. Our Client is a B2B US Software company with more than 11,000 customers and $400m in revenues. The role is remote, anywhere in India and requires a minimum 7+ years of experience. As a Product Security Engineer, will be an integral part of Product Security Engineering.  This engineer owns performing threat modelling, secure architecture review, DevSecOps pipeline build, security automation across a variety of security tools throughout the Public Cloud & enterprise.

 

Prior Experience : 7+ years of relevant cloud security operations experience

Location: Remote - Pan India (Preferred Bangalore, Pune, Ahmedabad )

‍Full Home office setup will be provided

Interview Process:

1) One-way Video Interview

2) Online Test

3) 2-way interview ---> And on selection you are on your way to work for a Global MNC project.

Salary & Benefits Increment: Minimum 25% 

Responsibilities:

  • Leading architecture and major design decisions that will affect our infrastructure and our product
  • Lead threat intelligence and incident response for complex cases, identify enforcement strategies
  • Designing and implementing security controls in multi-cloud environments
  • Automating and orchestrating infrastructure (Terraform) changes across Gov and Public clouds
  • Architect, deploy security solutions, tools for Application and Public Cloud Security
  • Consulting with leadership on cloud security architecture decisions that will affect company for years to come
  • Creating, deploying, analysing, and refactoring our infrastructure through infrastructure-as-code tools, (e.g., Terraform)
  • Assisting engineering in the deployment of services and applications and creating a secure-by-default environment
  • Strong comprehension of security services working hands-on-keyboard (“HOK”)
  • Possess strong security fundamentals and have solid threat modelling and security architecture skills
  • Provide subject matter expertise in Cloud Security Posture Management (CSPM)
  • Knowledge and understanding of security industry trends and new technologies and the ability to apply learnings in an evolving cloud security threat landscape
  • Demonstrate creativity and out of the box thinking to continuously improve the organisation's threat intelligence, security monitoring, detection, and response capabilities
  • Evaluate existing security controls for efficacy, identify gaps, drive remediation and risk treatment processes across all of company products and services
  • Experience working with multiple compliance and privacy frameworks
  • Working with the team to take on projects which gather telemetry from many sources, identify risks from that telemetry, and remediate those risks and automate remediation
  • Develop and present security tooling deployment, documentation, Run books and SOPS for operations
  • Willingness to dive-in supporting environments as a part of 24x7 global cloud operations team 

Requirements:

  • Bachelor’s degree in a relevant field of study required: Computer Science, Management Information Systems, etc., or equivalent experience and 7+ years of relevant cloud security operations experience
  • Operated and have an in-depth understanding of cloud infrastructure platforms, (AWS and Azure or GCP)
  • Experience writing performant, maintainable, testable code in at least one of the following: Go, Rust, Python, or Node.js
  • Has deep knowledge of Cloud Security and Application Security Concepts
  • Experience participating in an on-call rotation for global, critical services
  • Experience using infrastructure-as-code tools, (e.g., Terraform)
  • Experience working with modern development and deployment workflows (containerization, container orchestration, CI/CD etc.)
  • Experience with secrets management systems, (e.g., Vault)
  • Working knowledge of public cloud platforms (AWS, Azure and/or IBM or GCP) Cloud platforms, or some certifications
  • Cloud Certification in field of operations and security is highly desired
  • Expertise using with one or more languages (Terraform, Python, Java, PowerShell), and git
  • Experience in cloud management or micro-service architecture and related technologies like Docker, Kubernetes, etc.
  • Collaborate cross-domain with internal and external stakeholders at all levels of a company
  • Demonstrate creativity and out of the box thinking to continuously improve the organisation's threat intelligence, security monitoring, detection, and response capabilities
  • Strong communication and team skills in a distributed global environment
  • Motivation and ability to grow talent by providing a proper mentorship and performance management environment while prioritising empathy
  • Strong analytical skills and passion to solve problems

Let's work together

Max file size 10MB.
Uploading...
fileuploaded.jpg
Upload failed. Max size for files is 10 MB.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.