- Responsible for leveraging principles, practices and tools in DevOps to improve the reliability, integrity and security of applications.
- Build, maintain and manage central security policies for our cloud infrastructure.
- Identify and implement the most effective perimeter security models for customer integration and segregated access of platform services.
- Maintain cloud architecture and security design.
- Define, implement, and tune detective capabilities and data sources to detect and remediate malicious activity.
- Assist in creating a continuous monitoring solution to validate systems against our security baselines and respond to policy violations.
- Analyze the latest attacker techniques and develop approaches to detect them across the company's diverse environments and endpoints.
- Analyze security data and report on threats and incidents across various platforms and environments.
- Research and design ways to achieve risk reduction objectives in creative ways, including expanding our current tool stack where appropriate.
- Work with engineering and operations teams to implement threat detection signals, deploy new tooling and improve response capabilities.
Knowledge & Skills
- A solid understanding of information security standards.
- Experience implementing AWS/GCP security and hardening, especially in a large or complex environment.
- Hands-on security experience, with in-depth knowledge of security, scaling in the cloud.
- Hands-on experience with secrets management systems, including AWS,KMS, Vault, SSH Keys, etc.
- Hands-on experience in driving end to end security for cloud product –scanning, pen testing.
- Experience in applying security to cloud technologies (Managing secrets,
- Securing CD pipeline, Secure Infrastructure as Code, Container Security).
- Experience with implementing a cloud-based container vulnerability scanning tool.
- Experience with Docker and Kubernetes.
- Ability to communicate, both orally and written, with all levels of management and end users across varying levels of technical backgrounds.
Professional Experience Required
- BS degree in Computer Science, Information Technology or relevant field.
- 5+ years total tech experience with cloud security focus.
- 3+ years of AWS or GCP experience implementing security and hardening activities, especially in a large or complex environment.
- Strong organizational skills, including ability to prioritize and work under pressure
- Ability to effectively handle multiple activities and projects
- Proven ability to work well, both individually and within a team environment
- Strong initiative and self-motivation
- Proven ability to quickly learn and adapt to a dynamic environment
- Experience with Jira, Zendesk a plus
- Government clearance a plus.
Never before has the balance between business opportunity and regulatory risk been so tenuous. Exiger addresses this challenge head-on by developing sustainable compliance programs that meet today’s strict regulatory requirements while acknowledging that businesses cannot afford to play it safe. In a world where the fastest path to driving shareholder value is to expand into developing – often high-risk – economies, Exiger helps financial institutions, multinational corporations, and governmental agencies pursue their strategic goals with the confidence that regulatory change will not alter their course.Exiger was formed by a group of leading authorities on financial crimes compliance to solve some of the most complex problems confronting business today. The firm arms financial institutions and multinational corporations with the practical expertise and tools they need to prevent breaches in compliance, respond to risk intelligence, remediate gaps and monitor ongoing business activities.Initially launched to lead the court-appointed Monitorship of HSBC – the most comprehensive Monitoring assignment ever awarded by the Department of Justice – Exiger is entrusted with evaluating the effectiveness of internal compliance controls used by the $2.7 trillion banking institution across approximately 6,000 offices operating in nearly 70 countries around the world.In addition to its Monitorship work, Exiger guides a wide range of clients around the world through the process of managing the worst-case scenario compliance challenges and implementing the programs they need to prevent them in the future.
Want to learn more about Exiger? Visit Exiger's website.
192 Active Jobs
Slack's cloud-based collaboration tools and services are used worldwide.
Jobs You May Like
Expression of Interest - Infrastructure, SRE, & DevOps