The Cortex DevSecOps group needs a Senior Principal DevSecOps Engineer to secure immense cloud and on-prem deployments, act as a security advisor for new developments, and oversee security improvements for current infrastructure and processes. The role involves guiding new security initiatives and identifying new attack vectors.
Requirements
- 10+ years as a DevSecOps or Product Security Engineer
- Experience in reviewing architectures and identifying security gaps
- Experience helping engineering teams to focus high value security issues and avoid toil on non security issues
- Experience securing SaaS and on-prem products
- Experience working in highly regulated environments, such as FedRAMP
- Deep understanding of cloud-native architecture and security (AWS/GCP/Azure)
Responsibilities
- Secure immense cloud and on-prem deployments
- Act as a security advisor for all infrastructure and application related new developments
- Oversee all current infrastructure and processes security improvements
- Guide new security initiatives in the product group
- Identify new attack vectors
- Review architectures and identify security gaps
- Provide recommendations for security gaps
Other
- Engage closely with software engineers, SREs, platform teams, and product managers to align security initiatives with engineering and business goals
- Participate in meetings with stakeholders to provide balanced insights on feature requirements and security implications
- Identify and address friction points between security requirements and development workflows, driving alignment without compromising either
- Work closely and in full coordination with multiple product engineering groups and DevOps teams to produce highly secure features
- Passion for security and doing things right
- Effective communication and interpersonal skills
- Ability to work and coordinate between multiple teams
