Overview
Join SADA as a Sr. Cloud Security Engineer!
Your Mission
As a Sr. Cloud Security Engineer (Sr. CSE) at SADA, you will work to enable organizations to design and implement a secure infrastructure on Google Cloud Platform. Through an understanding of security best practices and industry security requirements, you will help our clients to design, develop and manage a mature security infrastructure leveraging Google security technologies.
You are proficient in all aspects of Cloud Security including managing identity and access management, defining organizational structure and policies, using Google technologies to provide data protection, configuring network security defenses, collecting and analyzing Google Cloud Platform logs, and managing incident response processes and understanding regulatory concerns. You will assess large enterprises’ overall security postures on GCP and provide prescriptive recommendations to improve them. You will also work side-by-side with client teams that rely on us as trusted advisors to implement the security recommendations we make.
Our Sr. CSEs have firm beliefs that using infrastructure-as-code to implement security guardrails for GCP is the best approach. You should have a deep, passionate interest in cybersecurity and be willing to dive deep, working towards client solutions in security areas that may be completely new to you. You will work independently with limited oversight. You will also lead in client-facing discussions as a cloud security SME. Our Sr. CSE roles combine consulting with hands-on work.
Pathway to Success
#MakeThemRave is at the foundation of all our engineering. Our goal is to provide customers with an exceptional experience in maturing the security of their Google Cloud Platform environments.
Your success comes from your enthusiasm, insight, and positive impact. You will be given direct feedback quarterly with respect to the scope and quality of your contributions, your ability to estimate accurately, customer feedback at the close of projects, your collaboration with your peers, and the consultative skill you demonstrate in customer interactions.
As you continue to execute successfully, we will build a personalized development plan together that leads you through the Sr. CSE growth tracks.
Expectations
Required Travel – none. This is a remote position. You should have great remote work discipline. This could change in the future, but we see remote work as the future and have embraced it at SADA.
Customer Facing – You will interact with customers on a regular basis, sometimes daily, other times weekly/bi-weekly. You can expect to interact with a range of customer stakeholders, including engineers, technical project managers, and executives.
Training – Ongoing with first-week orientation followed by a 30-day onboarding schedule. Due to the COVID-19 pandemic, all onboarding will be temporarily conducted remotely.
Job Requirements
Required Credentials:
Google’s Professional Cloud Security Engineer certification or able to complete within the first 30 days of employment.
Required Qualifications:
You must have at least 1 year of experience helping customers make decisions to achieve complex security outcomes in at least one major cloud provider.
Strong comprehension of security services working hands-on-keyboard (“HOK”).
Technical understanding of management implementations for identity like MFA, 2SV, SAML, OAuth.
Direct experience implementing serverless and containerized workload security best practices for Kubernetes clusters.
Experience building immutable infrastructure-as-code solutions using tools like Terraform, Ansible, Chef, Puppet, Salt, and Packer.
Experience implementing DevSecOps pipelines, providing cloud security guardrails with tools such as Deployment Manager, Terraform, Terraform Validator, and Chef Inspec.
Useful Qualifications:
Common security certifications such as GSEC, CEH, CISSP, CCSP, or CCSK.
Previous roles in Incident Response, post-breach forensics, implementing security benchmarks, integrating SIEM tools, automating responses with SOAR tools, and threat hunting through logging systems.
Previous experience conducting GCP Security Assessments of large client environments (more than 10k GCP projects).
Experience working with multiple compliance and privacy frameworks (FedRAMP, PCI-DSS, FIPS, CCPA, HIPAA, GDPR, etc…).
Knowledge and understanding of security industry trends and new technologies and the ability to apply learnings in an evolving cloud security threat landscape.
Proven experience and understanding of security principles across infrastructure platforms, data layers, integration points, and application layers.
Experience leading a variety of commercial security technology implementations.
A strong dislike of “Security Theatre”.
