Zuora - San Mateo, CA
Zuora is a technology company and the world’s largest evangelist of the Subscription Economy™. Our leading cloud-based subscription management platform helps companies build and grow subscription business models by establishing, cultivating and monetizing recurring customer relationships. With $250M invested from Tier 1 VCs and institutional wealth management companies it validates that the subscription economy has gone mainstream. Headquartered in San Mateo, CA, with over 500 employees Zuora serves over hundreds of clients, including HP, Dell, Financial Times, GM, Box, Zendesk, LifeTech and more.
Zuora is looking for Senior Security Engineer to join our infrastructuresecurity program to build and manage rapidly growing infrastructure. As Senior Security Engineer you will have the opportunity to develop your analytical, strategic, and technical skills needed around cybersecurity foundation.
- Run end to end cloud security program for Zuora’s AWS Cloud Infrastructure
- Audit, Detect and Remediate critical Security exposures in AWS Cloud Infrastructure
- Single point of contact for vulnerability management program for AWS Cloud Infrastructure
- Provide technical leadership, solution design, and hands on development support for security controls for infrastructure and microservices deployments
- Lead the Security Automation team with various stakeholders
- Building automated security solutions with CloudFormation, Python, Ansible, Jenkins or other DevOps tools
- Collaborate cross-functionally and engage with all levels of leadership to gather requirements, build appropriate cloud securitytechnology roadmaps and implementation plans.
- Maintain strong awareness of events in the external community to identify threats and opportunities for enhancement.
- Evaluate, test, implement and support third party security tools
- Identify new securitythreats by conducting continuous monitoring, penetration testing, vulnerability assessments and log analysis
REQUIREDEXPERIENCE AND SKILLS:
Education & Essential Experience:
- MS or Bachelor in Computer Science or equivalent desired
- 2-5years with AWS/Public Cloud
- 10+ Years with securityengineering, system and/or networksecurity
- Experience in any scriptinglanguage like: Python, Perl, Shell etc.
- Experience in CI, CD Tools is a plus
- IT Security Frameworks like CIS, NIST etc.
- Authentication, Security firewalls & othersecurity protocols.
- Vulnerability Management, network penetration testing & remediation techniques
Programming and Ops Skills:
- Deep knowledge of AWS Services and respective Security controls
- Deep knowledge of AWS API and CLI for various AWS Services
- Experience in one or more cloud security monitoring tools: Alert Logic, Threat Stack, Evident.io, Dome9, Cavirin
- Experience of using cloud log analyzer or SIEM like Sumologic, Splunk, Elk
- Python, Bash, Perl Coding experience
- Ansible, Puppet Scripting, AWS Cloud Formation
- Docker, AWS EC2 Container Service (ECS)
- Linux Administration
- Self-starter, Customer Centric Attitude
- High Collaboration and Influence Skills
- Willingness to mentor other members within internal or external team
- Ability to communicate technical concepts and complexity to all audiences
- Tolerant of Ambiguity and Changing Environment
Job Type: Full-time