Job description

What you get to do everyday! - Implement security controls and best practices across CI/CD pipelines - Ensure vulnerability assessments (including DAST and SAST) are part of every SDLC step. - Provide security guidance to product engineering teams building software applications in compliance with industry standards (PCI-DSS, NIST, CIS, OWASP) in public cloud environments - Provide architectural security guidance to DevOps team building cloud infrastructure in compliance with industry standards (PCI-DSS, NIST, CIS, OWASP) in public cloud environments - Collaborate with development teams to implement secure coding practices - Implement measures to improve security of software supply chain - Develop best practices and security standards for KUBRA Cloud Platform - Work with KUBRA Risk and Compliance team to support risk assessments by proactively providing mitigations to identified risks - Work with KUBRA Security team to build appropriate threat models for KUBRA Cloud Platform services - Maintain vulnerability and patch management processes inline with KUBRA security policy - Work with KUBRA Security Operations team for incident response as necessary - Identify opportunities and arrange for updated security training for KUBRA DevOps and Cloud Platform Engineering teams when appropriate What kind of person you should be! - You practice ‘Security as Code’ to ensure security baked in and automation. - Highly organized and responsible. - Maintain awareness of trends and changes in the Cybersecurity industry and threat landscape. - Excellent written and verbal communications skills and an ability to maintain a high degree of professionalism in all client communications. - Ability to influence others, build relationships, manage conflicts, and handle negotiations. - Understanding and following the business strategy, objectives, and adjusting to performance metrics. - Excellent, time management, problem-solving, and analytical skills. - Ability to handle pressure and focus on results. What you can expect from us! - Award-winning culture that fosters growth, diversity and inclusion for all - Paid day off for your birthday - Free LinkedIn Learning subscription - Bi-annual performance-based bonuses - Continued education with our education reimbursement program - Flexible schedules - Free unlimited access to our refreshment stations (fully stocked with tea, coffee and other beverages) - Two paid days for volunteer opportunities - Free on-site Fitness center - Access to a ‘Tickets at Work’ membership - A free premium membership for ‘Headspace’; an app geared towards mental health and wellbeing - 401k Matching What skills do you need? - Experience in public cloud is required (AWS, Azure, GCP) - At least 3-5 years of experience in Cyber Security roles with a preference in the engineering field. - Experience work with software development or devops teams is preferred. - Experience in systems or network administration is preferred. - Experience working with industry standard regulations and compliance frameworks (PCI-DSS, ISO, NIST, SANS, SOX, SOC II, HIPAA)

Requirements