DevOps Security Engineer - Enterprise Cloud
Zoom is seeking a hands-on DevSecOps Engineer, to join our enterprise security team. As a hands-on engineer you will partner with our DevOps (Ops) team to work on security best practices and remediation. You will develop a collaborative relationship with our Ops peers to ensure that CIS benchmarks and hardening best practices are implemented throughout our colocated datacenters, cloud and IT environments.
You will be working with the Ops teams on security remediation projects from various assessments, reviews, and best practices. You are a security domain expert and have worked in multiple cloud environments as well as data centers. This is a hands-on role also responsible for implementation of security tools and resolving vulnerabilities everywhere in the stack.
Responsibilities:
Partner with Ops to implement consistent DevSecOps best practices including CIS benchmarks
Assist with security remediation for found vulnerabilities within SLAs
Provide security guidance and policies on maintaining a proactive security posture
Participate in new project reviews and architecture security reviews
Identify opportunities for automation, partner with engineering and security teams on implementing automation
Develop and support development of security testing and validation tooling.
Improve secure coding practices, application security requirements, automation, training, and metrics
Assist with regular security responsibilities such as quarterly access reviews, vulnerability scanning, and security testing
Follow up with Ops teams with security requests and issues, provide status to management, and resolve issues
Requirements:
At least 3 years of experience in a DevOps environment
Prior experience as a DevSecOps engineer required
Significant cloud ops experience preferably with AWS, Azure and Oracle
Hands-on knowledge of information security technologies such as security design review, threat modeling, OWASP Top 10, risk analysis, and software testing techniques
Familiarity with microservice architecture, Docker, Kubernetes, AWS
Understanding of secure cloud networking such as VPC peering, flow logs, ACLs, and Guard Duty logs
Hands-on experience securing cloud data stores in S3 and databases, RDS, MySQL, Redshift, DynamoDB
Experience with ELK stack, Splunk, ServiceNow, Okta, and JIRA
Preferred Qualifications:
Cloud certifications such as AWS, GCP, Azure, CCSK
Bachelor’s or Master’s degree in Computer Science, Information Systems, Information Assurance, or related field
Experience working in video communications, technology, or financial services industry.
Ensuring a diverse and inclusive workplace where we learn from each other is core to Zoom’s values. We welcome people of different backgrounds, experiences, abilities and perspectives including qualified applicants with arrest and conviction records as well as any qualified applicants requiring reasonable accommodations in accordance with the law.
We believe that the unique contributions of all Zoomies is the driver of our success. To make sure that our products and culture continue to incorporate everyone's perspectives and experience we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status.
All your information will be kept confidential according to EEO guidelines.
Explore Zoom:
Hear from our leadership team
Browse Awards and Employee Reviews on Comparably
Visit our Blog
Zoom with us!
Find us on social at the links below and on Instagram