Security Architect

3 days ago

🇺🇸 United States – Remote

🤠 Texas – Remote

Although this job is listed in Texas, this company may be open to hiring remote in other states.

⏰ Full Time

🟡 Mid-level

🟠 Senior

👮‍♂️ Security Engineer

🦅 H1B Visa Sponsor

Apply Now

Receive Emails with Similar Jobs

Cloudera

WebsiteLinkedInAll Job Openings

Big Data • Cloud Computing • machine learning • cloud • Analytics

1001 - 5000 employees

Founded 2008

🏢 Enterprise

☁️ SaaS

🤖 Artificial Intelligence

💰 $4.1M Venture Round on 2013-01

Description

•At Cloudera, we empower people to transform complex data into clear and actionable insights. •Are you passionate about automating and integrating security and security practices at every phase of the software development lifecycle, from initial design through integration, testing, delivery, and deployment? •Cloudera is looking for a Security Architect with expertise in multi-cloud and on-prem environments to join a unique blended team. •Bringing both security operations knowledge and application security know-how, you and our highly collaborative team will play a crucial role in designing Cloudera’s products and ensuring the security of the Cloudera platform. •In this role, you will be part of our Product Security and Application Security team (ProdSec). •This team is charged with engineering, maintaining, and operational security of our production systems while also working as a critical part of our product development process, reviewing designs and providing advice to product teams to drive change at the design stage of the development lifecycle. •Our goal is to build a cycle of improvement that involves discovering and addressing design issues using a highly automated SecOps process and looping those findings back into our product team’s design process, reducing issues in future generations of our products. •You have the opportunity to teach and learn from Kubernetes trailblazers and help blaze new paths for those following behind you. •As a Security Architect, you will: Design and deploy new cloud environments using automation. Perform security architecture reviews of new products and features, develop threat models, and perform risk assessments. Work closely with the Site Reliability Engineering (SRE) team to continually monitor and maintain the security of production cloud systems. Develop, refine, and drive the adoption of security best practices. Influence decision-makers and stakeholders to continually raise the bar for security. Develop and deliver security training and outreach to internal development teams. Work collaboratively with the compliance and platform security teams to improve processes and drive changes back into the product design stage for the next new product or feature. Mentor junior members of the Security team in DevSecOps practices and procedures. Mentor security advocates who are embedded in software development teams to understand security principles and best practices. Lead security projects (including security reviews, tool development, and creation of new security practices) with end-to-end ownership.

Requirements

•Experience performing security reviews, developing and reviewing threat models, and risk assessments against complex systems. •Experience with AWS, Azure, and Google Cloud network and security best practices. •Experience partnering closely with high-velocity engineering teams. •Ability to communicate complicated security concepts with both technical and non-technical audiences. •Ability to lead through influence within a Secure Software Development Life Cycle for multiple products and technologies, meeting customer expectations for security. •Demonstrated ability to listen to other's diverse points of view and work together to find the best solution. •Demonstrated experience working in a situation where you must balance business needs with security risks. •Deep understanding of networking principles and how network architecture interacts with security (Standard networking stack, TLS, IPSEC, HTTP, DNS, etc.). •Deep understanding of cryptography, web service frameworks, and service architectures (such as event-driven, service-oriented, or serverless architecture). •In-depth knowledge of standard attacks and countermeasures. •Deep understanding of Kubernetes operations and security. •Moderate to advanced Linux knowledge. •Experience conducting security assessments, including some familiarity with pentesting. •Experience with code review of one or more programming languages (Java, Python, Go, JS/TS). •Experience with Terraform, Unix shell scripting, Hashicorp Vault, etc. •Knowledge of standard Security Operations Center (SOC) tools. •Security certifications (CISSP, CISA, etc.) are a bonus but not required. •Familiarity with Cloudera’s products or other distributed computing systems is a strong bonus, or a willingness to dig into our products to truly understand how they work.

Benefits

•Generous PTO Policy •Support work life balance with Unplugged Days •Flexible WFH Policy •Mental & Physical Wellness programs •Phone and Internet Reimbursement program •Access to Continued Career Development •Comprehensive Benefits and Competitive Packages •Paid Volunteer Time •Employee Resource Groups