Information Security Engineer

Job Summary:  

In this role, you’ll join a team of security engineers responsible for the infrastructure used by both our customers and enterprise to run the business with observability, scalability, security and capacity planning as main functions. This role will focus on implementing and enforcing secure solutions to solve complex and unique problems at scale in both the cloud and the enterprise. The team you’ll be on is a talented and diverse group of engineers focused on providing a highly secure platform used by Clearwater’s engineering teams to deliver cutting-edge features and solutions.

Responsibilities:

• Securing solutions for end-to-end security in a CI/CD pipeline.

• Develop infrastructure configurations/policies to prevent new security issues.

• Build automated alerting and remediation workflows for security issues.

• Implement solutions that empower teams to deliver secure infrastructure at scale.

• Automate enforcement of compliance policies.

• Identifying and prioritizing security vulnerabilities in our environment and helping to drive remediation.

• Making recommendations for necessary changes to our security controls to address emerging security threats.

• Actively seeks out opportunities to improve key systems, does not need to be directed on a daily basis.

• Assists in definition, documentation, and evolution of best practices for the security engineering program.

• Goes above and beyond basic requirements to support their own team and others.

• Helps to identify key gaps in security and tooling functionality that will drive significant improvement in security engineering.

• Has the ability to take an assignment, project or problem and implement a solution to completion.

Requirements:

• Experience in cloud security and/or security engineering.

• Experience with incident response.

• Understanding of security best-practices and how to implement them at an enterprise level.

• Basic coding skills – Terraform, Python, other scripting languages.

• Understanding of common Information Security concepts, practices, and procedures

• Understanding of vulnerability analysis, penetration testing, encryption technologies, intrusion detection, incident response

• Strong written and oral communication skills and the ability to prioritize work

• Strong aptitude for problem solving, math, and communication

• Strong organizational and interpersonal skill

Desired Experience or Skills:

• Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related area of study

• Experience with Prisma Cloud

• Experience with Crowdstrike

• Knowledge of SDL best practices

• Experience with AWS or Azure public cloud platforms

• Experience with network necurity and firewalls

• Solid infrastructure/SRE/engineering skills

• SANS GIAC, CEH, CompTIA Security+, AWS or GCP security certifications.