Information security Engineering specialist

What you will deliver

• Support development of and implement platform security standards, co-design schemas, ensure quality at the source of infrastructure build and configuration, and find opportunities to automate manual secure processes wherever possible.
• Work with business partners to implement security strategies and to coordinate remediation activities to ensure products safely meet business requirements.
• Contribute as a subject matter expert in at least one domain (cloud, infrastructure, or data).
• Provide hands-on support to teams on secure configuration and remediation strategies.
• Align strategy, processes, and decision-making across teams.
• Actively participate in a positive engagement and governance framework and contribute to an inclusive work environment with teams and collaborators including engineers, developers, product owners, product managers and portfolio managers.
• Evolve the security roadmap to meet anticipated future requirements and needs.
• Provide support to the squads and teams through technical guidance and by managing dependencies and risks.
• Create and articulate materials on how to embed and measure security on our cloud, infrastructure, or data environments.
• Contribute to mentoring and promote a culture of continuous development!

What you will need to be successful (experience and qualifications)

• 3+ years of experience in security engineering or technical infrastructure roles.
• A minimum of 3 years of Cyber Security experience on one of the following areas: Cloud (AWS and Azure), Infrastructure (IAM, Network, endpoint, etc.), or Data (DLP, data lifecycle management, etc.).
• Deep and hands-on experience designing security architectures and solutions for reliable and scalable data infrastructure, cloud and data products in complex environments.
• Development experience in one or more object-oriented programming languages (e.g., Python, Scala, Java, C#) and/or development experience in one or more cloud environments (including AWS, Azure, Alibaba, etc.).
• Exposure/experience with full stack development.
• Experience with automation and scripting for security tasks (e.g., IaC, CI/CD integration) and security tooling (e.g., vulnerability scanners, CNAPP, Endpoint and/or DLP).
• Deep knowledge and hands-on experience in technologies across all data lifecycle stages.
• Foundational knowledge of security standards, industry laws, and regulations such as Payment Card Industry Data Security Standards (PCI-DSS), General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA) and Sarbanes-Oxley (SOX).
• Strong collaborator management and ability to influence teams through technical guidance.
• Continuous learning and improvement approach.