Please notice the position is in a hybrid model of work from Cracow.
About this position: We are looking for talented cyber security architects to down full stack security architecture and implementation for the industry-leading cloud-native DevOps and edge deployment management platform
Job Responsibilities:
• Full stack cloud security architect responsible for designing and implementing best-in-class security controls for distributed, high-volume, cloud-native workloads
• Own the security architecture across the network, Cloud Paas Infrastructure, Integration and Application layers
• Execute and coordinate the remediation of vulnerability scan tests and CVE process.
• Define the security controls and processes for Infrastructure-as-Code DevSecOps.
• Build observability and threat detection platforms utilizing industry-leading tools.
• Advise SRE engineers on building automation to support operations of cloud workloads
Mandatory skills:
• Architect Security Solutions: Design and implement robust, scalable security solutions for AWS-based cloud infrastructure, including network security, data protection, and compliance.
• Kubernetes Security: Ensure the security of Kubernetes clusters and microservice architectures using best practices for access control, secret management, and container security.
• Prisma Integration: Oversee and optimize the integration of Prisma Cloud for security monitoring and governance of our cloud infrastructure.
• SIEM Management: Monitor and maintain threat detection systems to ensure real-time alerting and response to security incidents across the cloud ecosystem.
• CVE Remediation: Lead the CVE management process by identifying vulnerabilities, assessing risk, and driving remediation efforts in a timely and organized manner.
• DevSecOps Best Practices: Implement and maintain DevSecOps practices, including secure CI/CD pipelines, code scanning, and automated security testing.
• Penetration Testing: Collaborate with external or internal penetration testers to conduct regular security assessments, and ensure remediation of identified vulnerabilities.
• Incident Response: Develop and maintain security incident response plans, ensuring swift, effective action during security events.
• Security Awareness: Collaborate with engineering teams to foster a security-first mindset, providing training and promoting best practices across the organization.
Good to have skills:
• Very Strong communication skills
• Worked in Agile/Scrum projects