Esurance is hiring a Principal Cloud SecOps Engineer to join our Development Operations team in our San Francisco, CA office. As the Principal Cloud Secops Engineer you will provide support and enhancements to Esurance’s cloud security and information security program, while researching and developing vulnerability scanning solutions for Container-Based Applications and Ephemeral host security. Additionally, you will deliver and maintain cloud initiatives from inception to production of all ECOMM and other applications solving complex technical issues, which are critical to our businesses such as distributed systems development, cloud native transformation, and much more.
- Assesses and understands Esurance's current cloud security posture and future architecture, providing recommendations for vulnerability remediation and risk reduction.
- Evaluates security technologies for cloud environments in order to implement controls.
- Outlines automated security solutions for cloud delivery processes.
- Designs cloud security solutions to enable production security operations (SOC).
- Architect large-scale cloud environments using container and micro service technologies.
- Designs security capabilities in support of DevOps processes.
- Educates product and platform teams on secure coding practices.
- Performs threat models/risk assessments on large-scale cloud environments.
- Designs automated solutions to secure cloud development processes.
- Crafts and evangelizes secure cloud platform & product requirements.
- Serves as a security expert in application development, database and micro service design, container and/or virtual machine technologies, helping project teams comply with enterprise and CISO security policies, industry regulations, and best practices.
- Researches, designs, and advocates new technologies, architectures, and security products that will support security requirements for the cloud and cloud-enabled products.
- Contributes to the development and maintenance of the information security strategy.
- Analyzes business impact and exposure, based on emerging security threats, vulnerabilities and risks.
- Communicates security risks and solutions to business partners, platform & product teams.
- Designs security configuration guidelines for information technology devices and systems, as well as mechanisms for assessing compliance with the guidelines.
- Extensive operations experience in either Linux or Windows operating systems.
- Strong experience with cloud provider ecosystems, including Amazon AWS, Microsoft Azure etc.
- Experience scripting with languages such as Python, Ruby, etc.
- Experience with security strategy, with a passion to make security realistic, achievable and interwoven with the business fabric.
- Experience with a broad range of security technologies, including nextgen firewalls, DLP, NAC, IDS/IPS, IdAM, certificate management, SIEM, endpoint protection, anti-malware, vulnerability management and cloud security.
- Strong oral, written, presentation abilities, and able to convey risk to all levels of the business, from C-level executives to operations and development teams.
- Strong business acumen with the ability to build business cases for technology initiatives and to effectively communicate the value proposition to non-technical stakeholders.
- Some proven ability in securing the CI/CD pipeline.
- Expert command of config management principles and an ability to code your desired state.
- A strong grasp of monitoring tools, approach and implementation.
- Recognition of the role security plays in PaaS and Continuous Delivery.
- Able to show examples of previous work exploiting containerized services.
- Proven experience in implementing software defined networking.
- Solid working experience of continuous integration practices & tools (Jenkins, Travis CI, etc.)
- An established history of working in agile teams.
- 3-4 years in Cloud Computing
- 2 years in Information Security space
- 5 years in Information Technology/Computing Technology space
- Professional IT Accreditations (CISM, CCSA, CCSE, JNCIA, CCNA, CISSP, OSCP, CCIE Security, CEH, Security)
- Bachelor’s degree in Computer Science, or a related field.
- Amazon AWS SysOps Certification or Amazon AWS DevOps certification preferred.