Lead SRE Engineer - Security Engineering

As a Lead SRE/DevOps Security Engineer, your background as a SRE or DevOps engineer will enable us to implement security solutions across a variety of applications and systems.   ensuring that our infrastructure and data are protected against the most sophisticated threats. You will spearhead the implementation of security practices across multiple cloud platforms.  

We're looking for a candidate who not only possesses a broad base of security knowledge but also specializes in several areas of deep expertise. Your ability to lead, influence, and communicate clearly will be vital. You should be naturally comfortable explaining complex risks to both technical and non-technical stakeholders, bridging gaps in understanding, and guiding teams toward secure solutions with a balance of firm expertise and diplomatic skill.

• Design, develop, and manage security controls within the cloud architecture using best practices and advanced cloud security solutions.
• Collaborate with IT and Engineering teams to integrate security measures with existing infrastructure while ensuring continuous delivery and minimal service interruptions.
• Stay updated with the latest in cloud technology and security advancements to anticipate and guard against new threats.
• Provide leadership and mentorship to a team of cloud security professionals, promoting a culture of security awareness and continuous improvement.
• Manage the response to security incidents and breaches, including the investigation of such events and the coordination of forensic analysis and remediation efforts.

• You bring over five years of experience in Security Engineering, complemented by three years in DevOps, Site Reliability Engineering (SRE), or similar roles within enterprise production environments. 

• You have extensive experience with cloud services such as AWS, Azure, and GCP, including experience with automating operations, engineering scalability architecture, and deep understanding of network architecture.  You are well-versed in AWS cloud-native infrastructure such as ECS, Lambda, S3, and API Gateway.
• You have over five years of hands-on experience in Linux environments and are skilled in Infrastructure as Code languages (Terraform), scripting (Python/Go),source code management, CI/CD platforms, and performance analysis.
• Experience aligning engineering processes with security requirements and best practices.  
• You have implemented best practices for container orchestration to protect against vulnerabilities and ensure the isolation and security of containerized applications.

• You possess demonstrated leadership skills with the ability to manage and mentor a team of security professionals. You are an effective communicator and worked closely with cross functional teams to implement security outcomes. 
• Problem-Solving Abilities: You have excellent problem-solving skills with a strategic mindset that allows you to think methodically and execute plans effectively.
• Certifications: You ideally hold relevant professional certifications such as AWS Certified Solutions Architect, Certified Kubernetes Application Developer. Optionally, working toward security certifications such as CISSP, CISM.
• Educational Background: You have a Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field, or equivalent professional experience.
• Regulatory Knowledge: You have experience working in an environment that adheres to standards such as SOX, ISO 27001, NIST, SOC 2.  Experience with HIPAA and HITRUST is desirable but not required.