Security Engineer III
Boston, MA
Our Opportunity:
Chewy is seeking a Security Engineer III to join an established technology team in Plantation FL, Boston MA, Or Minneapolis MN. At Chewy, it is our mission to be the most trusted and convenient destination for pet parents (and partners) everywhere. We have evolved into an innovative Fortune 500 industry leader. The Information Security team’s core objective is to relentlessly protect the digital identities of Chewy’s pet parents, Team Members, and business partners; ensuring confidentiality, availability and integrity of all data entrusted to us. The expectations of the prospective candidate will be to own the security of Chewy’s public clouds, implement solutions with the goal of maintaining Chewy’s public clouds secure and write software, tools and scripts to support cyber security requirements and goals in Chewy’s public clouds. The ideal candidate will support Chewy Security Team’s initiatives while we continue to grow and always #Think Big about new innovative ideas, while simultaneously #Keeping it Simple.
What You’ll Do:
- Lead application and infrastructure as code scanning toolset and integrations with CI/CD pipelines.
- Provide security guidance and risk management through design and code reviews of services running on our public clouds.
- Collaborate with Site Reliability Engineering, Vulnerability Management, and Security Operations teams to achieve shared security goals.
- Evaluate and analyze threats, vulnerabilities, and security risks in AWS and GCP.
- Drive shift-left security strategy and automate security testing across public clouds and development environments.
- Develop and report DevSecOps metrics to collaborators.
- Design, implement, and monitor security tooling and systems.
- Ensure applications and infrastructure deployed to public clouds meet performance, privacy, and security requirements.
What You’ll Need:
- Bachelor's degree or higher in Computer Science, Computer Information Systems, or similar; or equivalent experience.
- Ability to write functional Terraform, Ansible, Pulumi, Cloud Formation etc.
- AWS Certified Security – Specialty, AWS Certified Solutions Architect, AWS Certified Cloud Practitioner, GCP Professional Security Engineer, GCP Professional DevOps Engineer, or equivalent.
- Proven understanding of common technical controls across security domains (logical access, configuration management, security operations etc.)
- Excellent analytical and problem-solving skills, with the ability to identify, mitigate and communicate risks optimally to customers.
- Experience managing Cloud Security Posture Management (CSPM) platforms.
- Deep knowledge of public cloud container technologies with Docker and Kubernetes such as ECS, EKS, GKE etc.
- Ability to balance multiple priorities at a given time.
- Must be team oriented and have a customer first attitude!
Bonus (if applicable):
- Ability to write software that extends the functionality of SaaS or other platforms using their existing and detailed APIs.
- Experience with Wiz, Crowdstrike or equivalent commercial SaaS platforms.
- Experience drafting architecture diagrams and identifying requirements to securely deploy services in public clouds, and communicate those requirements to business partners.
- Experience working in a fast paced e-commerce environment.
- Experience investigating security incidents in public clouds (AWS, Google.)
Chewy is committed to equal opportunity. We value and embrace diversity and inclusion of all Team Members. If you have a disability under the Americans with Disabilities Act or similar law, and you need an accommodation during the application process or to perform these job requirements, or if you need a religious accommodation, please contact CAAR@chewy.com.
If you have a question regarding your application, please contact HR@chewy.com.
To access Chewy's Customer Privacy Policy, please click here. To access Chewy's California CPRA Job Applicant Privacy Policy, please click here.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Ansible APIs AWS CI/CD Cloud Computer Science CrowdStrike CSPM DevOps DevSecOps Docker E-commerce GCP Kubernetes Privacy Risk management SaaS Security strategy Strategy Terraform Vulnerabilities Vulnerability management
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.