Zuora is a technology company and the world’s largest evangelist of the Subscription Economy™. Our leading cloud-based subscription management platform helps companies build and grow subscription business models by establishing, cultivating and monetizing recurring customer relationships. With $250M invested from Tier 1 VCs and institutional wealth management companies it validates that the subscription economy has gone mainstream. Headquartered in San Mateo, CA, with over 500 employees Zuora serves over hundreds of clients, including HP, Dell, Financial Times, GM, Box, Zendesk, LifeTech and more.
Zuora is looking for SeniorSecurity Engineer to join ourinfrastructuresecurity program to build and manage rapidly growinginfrastructure. As SeniorSecurity Engineer you will have the opportunity to develop your analytical, strategic, and technical skills needed aroundcybersecurityfoundation.
- Building automated security solutions with CloudFormation, Ansible, Jenkins and other DevOps tools
- Provide technical leadership, solution design, and hands on development support for security controls for infrastructure and software deployments
- Lead the Security Automation team with various stakeholders
- Collaborate cross-functionally and engage with all levels of leadership to gather requirements, build appropriate cloud securitytechnology roadmaps and implementation plans.
- Maintain strong awareness of events in the external community to identify threats and opportunities for enhancement.
- Develop Threat Models and Perform Security Health Checks in the Public Cloud environment and develop code to address threats and recurring issues
- Evaluate, test, implement and support third party security tools
- Identify new securitythreats by conducting continuous monitoring, penetration testing, vulnerability assessments and log analysis
Required Experience and skills
- Education & Essential Experience
- MS or Bachelor in Computer Science or equivalent desired
- 2-5 years with AWS/Public Cloud
- 2-5 years of experience in DevOps or CI/CD Pipelines
- 10 Years with securityengineering, system and/or networksecurity
- Security Skills
- IT Security Frameworks like CIS, NIST etc.
- Authentication, Security firewalls & othersecurity protocols.
- Vulnerability Management, network penetration testing & remediation techniques
- Programming and Ops Skills
- Deep knowledge of AWS SDK and CLI for various AWS Services is must
- Python, Bash, Perl Coding experience
- Ansible, Puppet Scripting
- Jenkins, Terraform, AWS Cloud Formation
- Bitbucket, JIRA, Confluence
- Linux Administrations
- Docker, AWS EC2 Container Service (ECS)
- Soft Skills
- Self-starter, Customer Centric Attitude
- High Collaboration and Influence Skills
- Willingness to mentor other members within internal or external team
- Ability to communicate technical concepts and complexity to all audiences
- Tolerant of Ambiguity and Changing Environment