Senior Cloud Security Engineer

Location: Long Beach, CA or Remote (Select US States)

Who we’re looking for:

The Zwift InfoSec Team is looking for a Senior Cloud Security Engineer to help build and grow security operations for our cloud based services platform. You will lead security due diligence efforts, plan security integrations, and collaborate with cloud and engineering teams to build resilient security focussed architecture. You will partner with key project stakeholders to review technology proposals, identify key security impacts, implement actionable plans to achieve remediation of security threats, and dive deep into tactical security aspects of a cloud based containerized service built from the ground up. Senior Cloud Security Engineers oversee and influence cross-functional teams with a keen focus on security due diligence and integration. 

Successful Senior Cloud Security Engineers at Zwift are self-starters, able to work autonomously in ambiguous environments, and collaborative natural problem solvers with experience automating and integrating disparate technologies. You should have strong problem-solving skills, excellent communication skills, a deep technical understanding of modern cloud and containerized security threats, the ability to influence people from customers to managers through technical solutions, and the desire to be an integral contributor to securing Zwift’s systems and services technology platforms.

The Zwift InfoSec Team is responsible for the security and availability of all services offered by Zwift, as well as providing security support for teams leveraging those services. The Zwift InfoSec team works with service teams to design and build secure solutions, participate and coordinate cross-organization security initiatives, review and audit proposed technologies and services, and solve security challenges at scale. This is an exciting and visible role – you will directly influence the security postures for Zwift products and services. 

What you'll do:

• Collaborate with Engineering teams across Zwift to design, build, and validate secure and scalable containerized architectures in the cloud.
• Implement information security controls and patterns that support risk assessments and the development of secure architectures.
• Collaborate with engineering teams to drive product roadmaps, by providing security requirements that map security controls to service features.
• Identify and mitigate risks throughout our corporate and production environments.
• Provide continuous technical support and escalation management for security related issues throughout Zwift.
• Identify opportunities for process improvement, including the development and implementation of internal security tools, tactics, and procedures.
• Provide security related guidance and documentation.

What we’re looking for:

• Bachelor's Degree in Computer Science or a related field (or 5 years equivalent experience)
• Minimum of 3+ years of progressive security architecture experience; preferably within a professional services firm or similar environment working with startups and large security mature companies.
• 3+ years of hands-on experience operating and securing container based infrastructures.
• 3+ years of experience in Cloud Security Engineering, DevOps or IT Operations roles, strong familiarity with the principles of DevOps and Agile development.
• 3+ years of hands-on experience securing cloud applications and infrastructure (AWS strongly preferred).
• Understanding of security vulnerabilities, attacker exploit techniques and methods for remediation of such.
• Excellent understanding/working knowledge of the public cloud infrastructure and services in AWS (IAM, VPC, KMS, CloudWatch, Systems Manager, S3, RDS, Route53, Lambda, AWS Config, etc.) is a strong plus.
• Excellent understanding of docker and container orchestration with kubernetes and experience running production kubernetes clusters in Amazon EKS, Google GKE, or similar managed platform.
• Experience implementing and leveraging centralized logging and monitoring solutions such as elasticsearch, kibana, fluentd, influxdb, prometheus, grafana, pagerduty, etc.
• Experience communicating technical concepts to a non-technical audience.
• Demonstrated experience in areas such as system security, network, and/or application security experience.
• Understanding of best practices in one or more Cloud Security Engineering specialties: secure development, cryptography, network security, security operations, systems security, policy, and incident response.
• Experience with scripting and automation (Python, Go, JS, C, C++, Java, Ruby, or PowerShell)
• Socially confident with good organization, communication and presentation skills.
• Self-starter with good analytical skills and a proactive approach to problem-solving.
• Prior working experience in or with a Software Development or Security Consulting Team is a plus.