Senior Security Engineer

What you get to do every day!

• Identify and provide guidance on appropriate controls based on industry standards to drive cloud and customer security solutions framework based on business risk and cloud native threats
• Develop and implement cloud security architectures focused on AWS 
• Assist in developing an overall organizational data strategy that is in line with business processes and contractual requirements
• Establish and enforce secure application development practices, including secure coding, threat modeling, SAST/DAST and vulnerability management.
• Conduct security assessments of cloud infrastructure, applications, and CI/CD pipelines.
• Provide security guidance and best practices to Product and Service Delivery teams.
• Define and implement security policies, standards, and procedures for cloud and application security.
• Work with engineering and operations teams to integrate security controls within cloud-native services.
• Lead security reviews, architecture assessments, and risk analysis for new and existing applications.
• Monitor security trends, vulnerabilities, and threats in cloud and application security domains.
• Collaborate with compliance teams to ensure adherence to regulations such as PCI-DSS, SOC 1/2, ISO 27001 etc
• Respond to security incidents and provide expertise in forensic analysis and remediation.
• Design and implement network security controls, including firewall configuration and management.
• Manage firewall solutions such as Akamai and cloud-native security services to protect applications and infrastructure.
• Ensure robust network security by implementing intrusion detection/prevention systems (IDS/IPS), web application firewalls (WAFs), and DDoS mitigation strategies.
• Design and implement database security controls, including data encryption, access control, and monitoring.
• Conduct database vulnerability assessments and ensure compliance with security policies.
• Work with database administrators to apply security best practices to relational and NoSQL databases.
• Implement data masking, tokenization, and audit logging for sensitive data protection.
• Develop and implement Infrastructure as Code (IaC) security best practices to ensure secure provisioning and configuration of cloud resources.
• Ensure security is embedded in IaC templates using tools like Terraform and AWS Cloud Formation.
• Perform security architecture design reviews and provide recommendations to improve the security posture of KUBRA’s application, database, and cloud platforms
• Perform periodic testing, code analysis, and security assessments of KUBRA owned applications 
• Govern Watch over cloud security systems for change and configuration control thereby suggesting changes to further improve the overall security posture.
• Partner with DevSecOps, Application and Infrastructure teams to ensure any vulnerabilities or issues are resolved per security guidelines 
• Stay up to date with current cyber security risk and analyze trends to proactively prevent problems.
• Assist in developing an overall organizational data strategy that is in line with business processes and contractual requirements

What kind of person should you be?

• Excellent verbal, written and interpersonal skills
• Ability to detail and effectively discriminate relevant logs / security events
• Ability to handle multiple tasks and projects concurrently
• Excellent written and verbal communication skills
• Ability to plan and manage complex security projects, and meet the deadlines
• Excellent organization, time management and problem-solving skills
• Ability to handle pressure under minimum or no direct supervision

What skills do you need?

• Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or a related field.
• 7+ years of experience in cybersecurity, with a focus on Security Architecture, cloud and application security.
• Strong knowledge of cloud security frameworks (AWS Well-Architected Framework, CSA-CCM, CIS Controls).
• Experience with securing cloud-native applications, microservices, and containerized environments (Kubernetes, Docker).
• Expertise in secure software development practices, including OWASP Top 10 and SAST/DAST methodologies.
• Familiarity with DevSecOps principles and tools such as Terraform, GitHub Actions, or AWS CodePipeline.
• Hands-on experience with identity and access management (IAM), encryption, and key management.
• Proficiency in scripting and automation using Python, Bash, or PowerShell.
• Experience with firewall technologies, network security principles, and secure network architecture design.
• Experience with database security, including best practices for relational and NoSQL databases.
• Experience with Infrastructure as Code (IaC) security and automation using Terraform, AWS CloudFormation, or similar tools.
• Industry certifications such as CISSP, CCSP, AWS Certified Security, or GIAC are preferred.

What can you expect from us?

• Award-winning culture that fosters growth, diversity and inclusion for all
• Paid day off for your birthday
• Free LinkedIn Learning subscription
• Bi-annual performance-based bonuses
• Continued education with our education reimbursement program
• Flexible schedules
• Free unlimited access to our refreshment stations (fully stocked with tea, coffee and other beverages)
• Two paid days for volunteer opportunities
• Free on-site Fitness center
• Access to a ‘Tickets at Work’ membership
• A free premium membership for ‘Headspace’; an app geared towards mental health and wellbeing
• 401k Matching


#STACK2024