Senior Security Engineer

September 26

Apply Now

Receive Emails with Similar Jobs

Guidewire Software

WebsiteLinkedInAll Job Openings

Data management and BI • Predictive Analytics • Risk Analysis • Cloud Platform • Unified digital, core, analytics, and AI

1001 - 5000

💰 $750k Series C on 2008-03

Description

• Guidewire Software is looking for a Senior Security Engineer. The ideal candidate will have specific experience with designing, building and maintaining infrastructure technologies with security in mind. • You would also be the Domain Expert when it comes to providing guidance around security standard methodologies in a predominantly AWS environment. • This role will focus on making sure that Infrastructure (on-prem and cloud) technologies that support Guidewire’s products are up to industry standards of Information Security.

Requirements

• Experience with building and operating secure infrastructures with 5-7 years in Information Security (DevSecOps is required). • Deep understanding and hands on experience of secure product development and engineering practices like threat modeling, secure design principles, secure coding, network security, identity management and authentication, encryption, container and container orchestration (EKS, ECS) security, penetration testing, code analysis, security testing, risk assessment and categorization, security monitoring and incident response to provide consultative guidance to global teams on improving security posture. • Has a deep understanding of attacker tools, techniques, and processes and an extensive array of defenses/mitigations for them. • Familiarity with enterprise security controls and security standard methodologies for Windows, Linux, and Mac systems. • Proficiency in core security concepts, including cloud skills (preferred: AWS and GCP), networking and architecture • Prior experience working closely with product and DevOps Engineers and/or SRE's on security requirements. Experience with DevOps environments and Cloud security controls is required ( AWS is a must) • Excellent and effective communication, collaboration and interpersonal skills. Out-of-the-box thinking and ability to work with all levels of staff. Ability to articulate complex security concepts in simple business terms. • Ability to own and lead major initiatives and projects which also includes ability to collaborate with stakeholders at different levels and geo locations • Ability to influence junior engineers within the team and coach them without necessarily having direct reports • Previous experience and the ability to handle and manage change well within and outside the team • In-depth knowledge of TCP/IP networking (OSI stack, TCP, SDN, etc.). • Experience with CI/CD tools such as TeamCity, CodeBuild, Github Actions, Jenkins etc. • Experience using a programming language (would be a plus) such as Python or Go for automation • Experience with infrastructure as code languages such as Terraform or CloudFormation • Experience with configuration management tools such as Ansible, Salt, Puppet, or Chef • Experience with Cloud Security services such as IAM, CloudTrail, GuardDuty, Organizations and Service Control Policies, Shield Advanced