Sr. Security Engineer

Senior Platform Security Engineer 

As a Senior Platform Security Engineer, you will play a pivotal role in shaping and securing our cloud and on-premises compute infrastructure. You will be responsible for implementing and maintaining robust security solutions for our AWS and Azure environments. This role requires a deep understanding of security principles, cloud technologies and infrastructure as code practices.  As a Platform Security Engineer, you will participate in security reviews, design and develop innovative security solutions and tools to enhance our security posture and visibility. 

Key Responsibilities: 

Leadership & Strategy: 

• Exemplify security principles and culture 

• Develop and implement the long-term platform security strategy 

• Effectively partner across security, technology, and business teams 

• Provide technical leadership and expertise to cloud, server, and container security efforts 

• Develop effective platform security metrics and use them to drive improvements  

Cloud Security Standards: 

• Continuously improve cloud, server, and container security standards and guidelines in alignment with risk and compliance requirements 

• Measure and report on CDK’s compliance with cloud security standards 

• Drive adoption of security standards through close partnership with technology teams, collaborative roadmap alignment, and transparent reporting 

Cloud Security Architecture and Engineering: 

• Develop and continuously improve security architecture for our public cloud environments (AWS, Azure, other). 

• Design and implement security controls, including network security, identity and access management, data protection, and threat detection. 

• In collaboration with GRC and technology teams, align security architecture and standards to key risks, compliance requirements, and business needs. 

• Infrastructure as Code (IaC) 

• Deep knowledge of IaC tools like Terraform, CloudFormation, Azure Resource Manager and Deployment Manager. 

• Collaborate with development and cloud governance teams to develop and maintain secure IaC templates and standards. 

• Review IaC templates for security best practices and compliance. 

• Implement security controls and best practices within IaC templates. 

• Security Tooling and Automation 

• Evaluate and implement security tools to automate security tasks and enhance our security posture. 

• Collaborate with cross-functional teams to identify security requirements and engineer effective solutions. 

• Develop custom scripts and implement security tools to automate security tasks and processes. 

• Integrate security tools with CI/CD pipelines to ensure security is built into the development process. 

Cloud Security Operations 

• In collaboration with Security Operations, conduct regular compute platform security assessments and penetration tests 

• Operationalize remediation of discovered vulnerabilities in cloud security posture 

• Enable Security Operations team to monitor security logs and alerts to identify and respond to security threats in the cloud. 

• Collaborate with Security Operations team on developing and automating alert response processes and playbooks 

• Serve as an escalation point for cloud security incident investigations and  response activities. 

• Stay up-to-date with the latest security threats and vulnerabilities. 

Required Qualifications: 

• Strong understanding of cloud security principles, including network security, identity and access management, data protection, and threat detection. 

• Extensive experience with AWS, Azure and GCP, including infrastructure, security, and compliance. 

• Proficiency in Infrastructure as Code (IaC) tools 

• Experience with scripting languages (Python, Bash, PowerShell) and automation tools such as Ansible. 

• Knowledge of security tools and technologies, such as SIEM, CSPM, SOAR, WAF, and IDS/IPS. 

• Strong problem-solving and troubleshooting skills. 

• Excellent communication and collaboration skills. 

Desired Qualifications: 

Experience with cloud security frameworks (e.g., CIS Benchmarks, NIST CSF). 

Knowledge of container security and Kubernetes. 

Experience with DevSecOps practices. 

Ability to lead and mentor security engineers. 

This revised job description emphasizes the importance of deep IaC knowledge across multiple cloud platforms, aligning with the desired focus. 

At CDK, we believe inclusion and diversity are essential in inspiring meaningful connections to our people, customers and communities. We are open, curious and encourage different views, so that everyone can be their best selves and make an impact.

CDK is an Equal Opportunity Employer committed to creating an inclusive workforce where everyone is valued. Qualified applicants will receive consideration for employment without regard to race, color, creed, ancestry, national origin, gender, sexual orientation, gender identity, gender expression, marital status, creed or religion, age, disability (including pregnancy), results of genetic testing, service in the military, veteran status or any other category protected by law.

Applicants for employment in the US must be authorized to work in the US.  CDK may offer employer visa sponsorship to applicants.