Cloud Security Engineer - Platform Security Services

Job Description:

Cloud Security Engineer – Platform Security Services

The Role

As a Cloud Security Engineer, you will work within a diverse team comprised of passionate technologists who believe in the power of innovation and constant collaboration. We believe that small, empowered, self-motivated teams can achieve outstanding things. We are passionate about opensource contribution, sharing our expertise and knowledge with the engineering community while adopting a continuous learning approach supported by a dedicated learning day each week.

The Platform Security Services Squad is seeking a highly technical, hands-on security engineer with experience in large-scale public cloud infrastructure, and production environments. This squad maintains the baseline security posture and image distribution for Fidelity’s cloud platforms, spanning AWS and Azure.

• Container runtime security and Cloud-Native Application Protection (CNAP)
• Container rehydration monitoring and vulnerability management
• Coordinate with Application Security teams to drive security tooling into the pipelines
• Support the audit compliance of supported platforms like API Gateway, Event Streaming etc
• Packaging and distribution of secure builds for virtual machines and base-containers
• Build and maintain automation that supports reliable pipeline deployed infrastructure

The Expertise and Skills You Bring

• Experience with enterprise IT infrastructure, security, compliance
• A strong understanding of cloud service providers: AWS or Azure
• A strong understanding of cloud container platforms such as Kubernetes (AKS / EKS)
• Strong technical expertise with containerization, and container runtime environments
• Solid hands-on experience in production environments with at least one of the following:
  • Engineering/operational support of cloud security in AWS or Azure
  • Engineering/operational support for workloads in cloud container platforms such as Kubernetes (AKS / EKS)
  • Hands-on configuration of CI/CD pipeline security tools for cloud-native deployments
• Very strong with scripting languages, including integration with CSP APIs; python preferred
• Experience implementing infrastructure-as-code, pipelines and state management
• Experience with logging, monitoring, and alerting solutions
• Strong ability to work with YAML and JSON markup languages
• A strong understanding of various cloud service delivery models including IaaS, SaaS, and PaaS; automation; containers; virtual compute, storage, and networks; virtual infrastructure management; self-provisioning; and scaling
• Ability to work with application and security teams to promote a secure posture in the cloud
• You are a self-starter who can learn complex technologies independently

Certifications:

Category:

Fidelity’s hybrid working model blends the best of both onsite and offsite work experiences. Working onsite is important for our business strategy and our culture. We also value the benefits that working offsite offers associates. Most hybrid roles require associates to work onsite every other week (all business days, M-F) in a Fidelity office.