Cloud Security Engineer
About the role and about You:
The Zwift Information Security Team is looking for a Cloud Security Engineer to help build and grow
security operations for our cloud based services platform.
You will champion security due diligence efforts, plan security integrations, and collaborate with cloud and engineering teams to ensure resilient
security-focused architecture. You will partner with key project stakeholders to review technology proposals, identify key security impacts, implement actionable plans to achieve remediation of security threats, and dive deep into tactical security aspects of a cloud-based containerized service built from the ground up.
Cloud Security Engineers oversee and influence cross-functional teams with a keen focus on security due diligence and integration.
Successful Cloud Security Engineers at Zwift are self-starters, able to work autonomously in ambiguous environments, and collaborative natural problem solvers with experience automating and integrating disparate technologies.
You should have strong problem-solving skills, excellent communication skills, a deep technical understanding of modern cloud and containerized security threats, the ability to influence people from customers to managers through technical solutions, and the desire to be an integral
contributor to securing Zwift’s systems and services technology platforms.
The Zwift Information Security Team is responsible for the security and availability of all services offered by Zwift, as well as providing security support for teams leveraging those services. This team works with service teams to design and build secure solutions, participate and coordinate cross-organization security initiatives, review and audit proposed technologies and services, and solve security challenges at scale.
This is an exciting and visible role – you will directly influence the security postures for Zwift products and
services.
What you’ll do:
● Collaborate with Engineering teams across Zwift to build and validate secure and scalable
containerized architectures in the cloud.
● Implement information security controls and patterns that support risk assessments and the
development of secure architectures.
● Collaborate with engineering teams to drive product roadmaps, by providing security
requirements that map security controls to service features.
● Identify and mitigate risks throughout our corporate and production environments.
● Provide continuous technical support and escalation management for security related issues
throughout Zwift.
● Identify opportunities for process improvement, including the development and implementation of
internal security tools, tactics, and procedures.
● Provide security related guidance and documentation.
What you'll have:
● Bachelor's Degree in Computer Science, Information Security, or a related field (or 4 years
equivalent experience)
● 2+ years of hands-on experience operating and securing container based infrastructures.
● 2+ years of experience in Cloud Security Engineering, DevOps or IT Operations roles, strong
familiarity with the principles of DevOps and Agile development.
● 2+ years of hands-on experience securing cloud applications and infrastructure (AWS strongly
preferred).
● Understanding of security vulnerabilities, attacker exploit techniques and methods for remediation
of such.
● Excellent understanding/working knowledge of the public cloud infrastructure and services in
AWS (IAM, VPC, KMS, CloudWatch, Systems Manager, S3, RDS, Route53, Lambda, AWS
Config, etc.) is a strong plus.
● Excellent understanding of Docker and container orchestration with Kubernetes and experience
running production Kubernetes clusters in Amazon EKS, Google GKE, or similar managed
platform.
● Experience implementing and leveraging centralized logging and monitoring solutions such as
Elasticsearch, Kibana, Fluentd, Influxdb, Prometheus, Grafana, PagerDuty, etc.
● Experience communicating technical concepts to a non-technical audience.
● Demonstrated experience in areas such as system security, network, and/or application security
experience.
● Understanding of best practices in one or more Cloud Security Engineering specialties: secure
development, cryptography, network security, security operations, systems security, policy, and
incident response.
● Experience with scripting and automation (Python, Go, JS, C, C++, Java, Ruby, or PowerShell)
● Socially confident with good organization, communication, and presentation skills.
● Self-starter with good analytical skills and a proactive approach to problem-solving.
● Prior working experience in or with a Software Development or Security Consulting Team is a plus.
(Colorado only) minimum salary of 68,300 + Bonus + Equity + Benefits
How to stand out among the rest:
Your resume/CV is enough to show off your skills, accomplishments, and experience. However, if you choose to include a cover letter introducing us to your awesome personality, we will read that too.
We strongly believe that different backgrounds and ideas are a competitive advantage; we hire candidates of any race, color, ancestry, religion, sex, national origin, sexual orientation, gender identity, age, marital or family status, disability, Veteran status, and any other status. Zwift is proud to be an Equal Opportunity Employer. If you have a disability or special need that requires accommodation, please let us know by emailing [email protected].
Zwift, Inc. is an Equal Opportunity Employer.
Transparency in Coverage:
Health plan price transparency is designed to help consumers know the cost of covered items or healthcare-related services prior to the date upon which they receive care. Transparency in Coverage (TIC) regulations require health insurers and group health plans to create machine readable files (MRFs) that contain the negotiated rates for in-network providers and allowed amounts derived from historical claims for out-of-network providers and make those files publicly available.
Here is the link to the site on which Anthem posts its in-network and out-of-network allowed amount machine-readable files (MRFs). The link