Careers

Cloud Security Engineer

‐ Zwift

Location

Remote

Job Term

Full-Time

Company Website

zwift.com

Who we’re looking for:

The Zwift InfoSec Team is looking for a Cloud Security Engineer to help build and grow security operations within acquired service teams in order to address both deeply technical and programmatic security issues and emerging threats affecting cloud and containerized platforms. You will lead security due diligence efforts, plan security integration, and execute efforts for M&A acquisitions. You will partner with key project stakeholders to identify key security issues, implementing actionable plans to achieve remediation of security threats, and diving deep on tactical security aspects of a modern cloud environment. Cloud Security Engineers oversee and influence cross-functional security diligence and integration teams to ensure all relevant security concepts are considered. 

Successful Cloud Security Engineers at Zwift are self-starters, able to work autonomously, natural problem solvers, collaborative, and not fazed by adversity or ambiguity. You should have strong problem-solving skills, excellent communication skills, a deep technical understanding of modern cloud security threats, the ability to influence people from customers to managers through technical solutions, and the desire to be an individual contributor to securing Zwift’s platform and system/services technology.

The Zwift InfoSec Team is responsible for the security and availability of all services offered by Zwift, as well as providing security support for teams leveraging those services. The Zwift InfoSec team works with service teams to design and build secure solutions, participate and coordinate cross-organization security initiatives, and solve security challenges at scale. This is an exciting and visible role – you will directly influence the security postures for Zwift products and services. 

What you'll do:

  • Work with Engineering teams across Zwift to provide scalable vulnerability management and assessment procedures and provide application security reviews.
  • Collaborate with Engineering teams across Zwift to build secure and scalable containerized architectures in the cloud.
  • Implement information security controls and patterns that support risk assessments and the development of secure architectures.
  • Identify and mitigate risks throughout our corporate and production environments.
  • Provide continuous technical support and escalation management for security related issues throughout Zwift.
  • Identify opportunities for process improvement, including the development and implementation of internal security tools, tactics, and procedures.
  • Provide security related guidance and documentation.

What we’re looking for:

    • Bachelor's Degree in Computer Science or a related field (or 2 years equivalent experience)
    • Working knowledge of the public cloud infrastructure and services in AWS (IAM, VPC, KMS, CloudWatch, Systems Manager, S3, RDS, Route53, Lambda, AWS Config, etc.)
    • Excellent understanding of docker and container orchestration with kubernetes and experience running production kubernetes clusters in Amazon EKS, Google GKE, or similar managed platform.
    • Experience implementing and leveraging centralized logging and monitoring solutions such as elasticsearch, kibana, fluentd, influxdb, prometheus, grafana, pagerduty, etc.
    • Understanding of best practices in one or more Cloud Security Engineering specialties: secure development, cryptography, network security, security operations, systems security, policy, and incident response.
    • Application security experience designing, building or testing web and API-based architectures.
    • Related experience in Information Security, Cybersecurity, Identity and Access Management (IAM) and/or Information Technology.
    • Understanding of security vulnerabilities, attacker exploit techniques and methods for remediation.
    • Experience with scripting and automation (Python, Go, JS, C, C++, Java, Ruby, or PowerShell)
    • Socially confident with good organization, communication and presentation skills.
    • Self-starter with good analytical skills and a proactive approach to problem-solving.
    • Prior working experience in or with a Software Development or Security Consulting Team is a plus.

How to stand out among the rest:

Your resume/CV is enough to show off your skills, accomplishments, and experience. However, if you choose to include a cover letter introducing us to your awesome personality, we will read that too.

Values:

Of course, we are nothing without our values. Our values ground us. They ensure we run and build a company where people love to work, feel like they are welcomed, included, and belong.  Only then can they thrive and do their best work.  The values we strive to live every day are:

  • Make It Fun
  • Elevate Teammates
  • Cultivate Our Community
  • Always Level Up
  • One Zwift for All

We strongly believe that different backgrounds and ideas are a competitive advantage; we hire candidates of any race, color, ancestry, religion, sex, national origin, sexual orientation, gender identity, age, marital or family status, disability, Veteran status, and any other status. Zwift is proud to be an Equal Opportunity Employer. If you have a disability or special need that requires accommodation, please let us know by emailing [email protected]

Zwift, Inc. is an Equal Opportunity Employer.

Apply now