Principal Security Engineer - Cloud

About Us:

CDK Global is a leading provider of cloud-based software to dealerships and Original Equipment Manufacturers (“OEMs”) across automotive and related industries. The Company’s cloud-based, software as a service (“SaaS”) platform enables dealerships to manage their end-to-end business operations including the acquisition, sale, financing, insuring, repair, and maintenance of vehicles. By automating and streamlining critical workflows, the integrated platform of modern solutions enables dealers to sell and service more vehicles by creating simple and convenient experiences for customers and improves their financial and operational performance.

Position Summary:

As a Principal Platform Security Engineer, you will play a pivotal role in shaping and securing our cloud infrastructure. You will be responsible for designing, implementing, and maintaining robust security solutions in multiple cloud environments. This role requires a deep understanding of security principles, cloud technologies, and Infrastructure as Code (IaC) practices. 

Position Responsibilities: 

• ​Exemplify security principles and culture 

• Develop and implement the long-term cloud security strategy 

• Effectively partner across security, technology, and business teams 

• Provide technical leadership and expertise to cloud security efforts 

• Develop effective network security metrics and use them to drive improvements   

• Develop and continuously improve cloud security standards and guidelines in alignment with risk and compliance requirements 

• Measure and report on CDK’s compliance with cloud security standards 

• Drive adoption of cloud security standards through close partnership with technology teams, collaborative roadmap alignment, and transparent reporting 

• Develop and continuously improve security architecture for our public cloud environments (AWS, Azure, other). 

• Design and implement security controls, including network security, identity and access management, data protection, and threat detection. 

• In collaboration with GRC and technology teams, align security architecture and standards to key risks, compliance requirements, and business needs. 

•  Infrastructure as Code (IaC) 

• Deep knowledge of IaC tools like Terraform, CloudFormation, Azure Resource Manager and Deployment Manager. 

• Collaborate with development and cloud governance teams to develop and maintain secure IaC templates and standards. 

• Review IaC templates for security best practices and compliance. 

• Implement security controls and best practices within IaC templates. 

•  Security Tooling and Automation 

• Develop custom scripts and implement security tools to automate security tasks and processes. 

• Integrate security tools with CI/CD pipelines to ensure security is built into the development process. 

•  In collaboration with Security Operations, conduct regular cloud security assessments and penetration tests 

• Operationalize remediation of discovered vulnerabilities in cloud security posture 

• Enable Security Operations team to monitor security logs and alerts to identify and respond to security threats in the cloud. 

• Collaborate with Security Operations team on developing and automating alert response processes and playbooks 

• Serve as an escalation point for cloud security incident investigations and response activities.  

Position Qualifications: 

• Strong understanding of cloud security principles, including network security, identity and access management, data protection, and threat detection. 

• Extensive experience with AWS, Azure and GCP, including infrastructure, security, and compliance. 

• Proficiency in Infrastructure as Code (IaC) tools 

• Experience with scripting languages (Python, Bash, PowerShell) and automation tools such as Ansible. 

• Knowledge of security tools and technologies, such as SIEM, CSPM, SOAR, WAF, and IDS/IPS. 

• Strong problem-solving and troubleshooting skills. 

• Excellent communication and collaboration skills.  

• Experience with cloud security frameworks (e.g., CIS Benchmarks, NIST CSF). 

• Knowledge of container security and Kubernetes. 

• Experience with DevSecOps practices. 

• Ability to lead and mentor security engineers. 

• This revised job description emphasizes the importance of deep IaC knowledge across multiple cloud platforms, aligning with the desired focus. 

Salary: $180K - $220K + Bonus

CDK Global is committed to fair and equitable compensation practices. Compensation packages are based on several factors, including but not limited to skills, experience, certifications, and work location.  The total compensation package for this position may also include annual performance bonus, benefits and/or other applicable incentive compensation plans.We offer Medical, dental, and vision benefits in addition to:

• Paid Time Off (PTO)

• 401K Matching Program

• Tuition Reimbursement

At CDK, we believe inclusion and diversity are essential in inspiring meaningful connections to our people, customers and communities. We are open, curious and encourage different views, so that everyone can be their best selves and make an impact.

CDK is an Equal Opportunity Employer committed to creating an inclusive workforce where everyone is valued. Qualified applicants will receive consideration for employment without regard to race, color, creed, ancestry, national origin, gender, sexual orientation, gender identity, gender expression, marital status, creed or religion, age, disability (including pregnancy), results of genetic testing, service in the military, veteran status or any other category protected by law.

Applicants for employment in the US must be authorized to work in the US.  CDK may offer employer visa sponsorship to applicants.