AWS Cloud Security Engineer

Job Description

As part of the Foundation Secure team, you will bring your DevOps knowledge and software engineering skill set into the world of cloud security engineering. Our team uses automation to protect nearly every aspect of Zendesk’s cloud presence in Amazon Web Services. This is a challenging position where you’ll be able to see an immediate impact to your contributions, work alongside a dedicated and caring team, and live on the cutting edge of cloud security.

Proactive engineering is our emphasis. Your prime directive is to build and govern secure cloud environments at scale, empower other engineers to build awesome products, and create tools that provide the data for our Security teams to address threats in Zendesk’s cloud environments.

 

What you’ll be doing

• Building and maintaining the baseline governance and security standards for AWS infrastructure at Zendesk for all of our AWS accounts.

• Building self-service AWS tooling on Kubernetes that enables our engineering organization to safely deploy infrastructure with appropriate security guardrails.

• Promoting immutable infrastructure on AWS to the wider Zendesk Engineering organization to improve infrastructure reliability and security.

• Developing and maintaining Zendesk’s zero-trust SSH infrastructure that gives our infrastructure owners the power to easily manage access to their hosts.

• Working to streamline Identity and Access Management not only for AWS, but for hundreds of applications around the Zendesk Engineering organization.

• Champion and maintain our self service IaC system for the organization. 

• Harden and streamline the process of building virtual machine and container golden images for hundreds of services. 

• Lead engineering teams looking to deploy new AWS technologies and architectures on best practices and security models.

• Partner with our Security organization to build the tools that provide Engineering teams with the information to react to threats and misconfigurations in our infrastructure.

• Implement and manage reactive and proactive security controls in AWS using CICD.​

 What you bring to the role

•  Required:

  • 2+ years experience or equivalent education configuring and securing AWS using their native service offerings (IAM, Control Tower, Organizations, SCPs, Lambda, Cloudtrail).

  • 2+ years experience or equivalent education building services using AWS Managed Services.

  • 2+ years experience or equivalent education deleriving production services in a programming language and willingness to learn other languages.

  • 2+ years experience or equivalent education working with Linux and container-based architectures: Docker, Kubernetes.

  • Strong track record of working collaboratively with external stakeholders to achieve project goals.

  • Practical DevOps knowledge, with a knack for addressing operational challenges through automation, scripting, and custom software solutions.

  • A strong grasp of security best practices to safeguard our cloud landscape.

  • An analytical approach to problem-solving, you believe the best decisions are made when they are backed by data.

• Preferred: 

  • Experience in building and maintaining golden images for virtual machines and docker containers.

  • Hands-on experience with infrastructure-as-code tools like Cloudformation/Terraform/SDKs.

  • Proficiency in the Go, Python, or Ruby programming languages.

  • Observability focused mindset and an analytical approach to problem-solving: you believe the best decisions are made when they are backed by data.

  • Demonstrated desire to learn new technologies and programming languages as our team and responsibilities evolve over time.

  • Familiarity with CI/CD workflows, preferably with GitHub Actions.

  • Experience with Kubernetes in a production environment, including the creation and use of operators.
    AWS Certifications.

​#LI-MK10

The Poland annualized base salary range for this position is zł297,000.00-zł445,000.00. Please note that while the salary range represents the minimum and maximum base salary rate for this position, the actual compensation offered will be based on job related capabilities, applicable experience, and other relevant factors. This position may also be eligible for bonus, benefits, or related incentives that will be communicated during the offer stage.

Hybrid: In this role, our hybrid experience is designed at the team level to give you a rich onsite experience packed with connection, collaboration, learning, and celebration - while also giving you flexibility to work remotely for part of the week. This role must attend our local office for part of the week. The specific in-office schedule is to be determined by the hiring manager.

The intelligent heart of customer experience

Zendesk software was built to bring a sense of calm to the chaotic world of customer service. Today we power billions of conversations with brands you know and love.

Zendesk believes in offering our people a fulfilling and inclusive experience. Our hybrid way of working, enables us to purposefully come together in person, at one of our many Zendesk offices around the world, to connect, collaborate and learn whilst also giving our people the flexibility to work remotely for part of the week.

Zendesk is an equal opportunity employer, and we’re proud of our ongoing efforts to foster global diversity, equity, & inclusion in the workplace. Individuals seeking employment and employees at Zendesk are considered without regard to race, color, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, disability, military or veteran status, or any other characteristic protected by applicable law. We are an AA/EEO/Veterans/Disabled employer. If you are based in the United States and would like more information about your EEO rights under the law, please click here.

Zendesk endeavors to make reasonable accommodations for applicants with disabilities and disabled veterans pursuant to applicable federal and state law. If you are an individual with a disability and require a reasonable accommodation to submit this application, complete any pre-employment testing, or otherwise participate in the employee selection process, please send an e-mail to peopleandplaces@zendesk.com with your specific accommodation request.