We are the CTO Security Architecture group. We solve complex security problems to enable innovative new products, and prototype the next generation of infrastructure security technologies. Whether we’re designing our next generation security controls, or threat modeling our distributed systems, our goal is to define the future of how we secure Bloomberg’s infrastructure. That’s where you come in.
As a CTO security architect, you’ll be trusted to understand security requirements of our cloud products and infrastructure, provide guidance for usable infrastructure security, ensure that logical security controls are manageable at our scale, and much more. Your leadership skills will influence the roadmap for future security technologies, while working alongside motivated engineers across the company to keep Bloomberg at the cutting edge. Our team works across many areas of security architecture, and you will have the opportunity to focus on the projects you are passionate about and bring your expertise to help reach our team’s goals.
We'll expect you to:
- Take a leadership role in defining tools, techniques and technologies used to secure and monitor Bloomberg’s cloud infrastructure.
- Support new product development, guiding teams to appropriate security architectures.
- Prototype infrastructure technologies, and understand how they fit into Bloomberg's existing environment.
- Foster a culture of security consciousness while understanding the trade-offs between security, usability and performance at a large scale.
- Help develop strategies to secure Bloomberg’s financial products, network, and cloud architecture.
- Build collaborative relationships with stakeholders across many functions, with a focus on correctness, scalability and usability of distributed infrastructure.
- You’ll need to have:
- 3+ years of experience building, maintaining and managing security aspects of large-scale public cloud infrastructure and services (AWS, GCP, Azure, etc)
- 3+ years of programming experience in C, C++, Python, or other programming languages on UNIX operating systems.
- Demonstrated threat modeling capabilities in networking, software infrastructure and applications as they impact the security posture of an organization.
- Experience working with mission-critical, large-scale distributed applications and products.
- Past experience developing usable security tools in a professional setting or open source, as well as an understanding of tools to automate the software development lifecycle.
- We'd love to see:
- Experience with financial software design, implementation and threat modeling
- Knowledge of virtualization technology and the landscape of cloud computing vulnerabilities
- Experience architecting Kubernetes infrastructure and working with container technology
- Experience managing and enforcing security policies at a large scale (IAM, OPA, etc)
- Track record of publishing/speaking at industry-leading conferences
- Exposure to distributed computing architectures such as Kafka, message queues, etc