Staff Security Software Engineer

About This Role:

We are actively seeking seasoned, senior trendsetters in a role as Staff Software Technical Leader, Security Products. As part of our Security Engineering team, you will be responsible for architecture, end-to-end system design from inception through product delivery and lifecycle of multiple security products in one or more of: Detection, Remediation, Prevention of any “kill-chain” at any stage. This can include research, development and delivery, partner integrations among but not limited to Malware, Ransomware, IAM, KMS, DSPM, CSPM, UEBA, SIEM/SOAR and many more. 

Day-to-day role involves developing system security software service at a fast paced development environment in a hybrid cloud & on-prem deployment and continuously improving product security posture. The role will serve as a Security Specialist in cloud, container, Kubernetes security, coherence caching, control plane - data plane connectivity and associated security & hardening needs, scale-out DB & managed services, monitoring & metrics, hands-on with cloud-infra CI/CD tools, performant and efficient cloud backend development (full-stack would be a benefit), KMS, identify & access management. 

You are working in lock step with cross-BU platform, cloud SaaS engineering and infrastructure teams, enabling and delivering security products in the ecosystem with monthly release cycles. Writing design specs, implementing the design, and communicating with stakeholders will be a regular part of the job. We’re looking for an individual who is motivated by technology and enjoys problem-solving, mentoring, reviewing and collaborating with engineers (not as a people manager, but as their tech lead and architect).  

Responsibilities

• Architect, technically leads teams as a hands-on Principal to guide, mentor and deliver Cloud Security Products in SaaS distributed environments. This includes Anti-Ransomware solutions, AI/ML based attack vector analysis with solution & product design to address customer needs to ensure Data Security, Data Sovereignty. 
• Bring core value with current and innovative solutions for Cohesity leadership in securing customer data in hosted SaaS and enterprise environments.
• Engineering, implementing and supervising security measures for the protection of Cloud Infrastructure and integrations
• Perform security architecture reviews for Cloud Infrastructure for existing and new services
• Conduct assessments of security controls and configuration and continuous verification with automation
• Threat Modeling and Pen Testing of Cloud security Infrastructure & services
• Design and implement Cloud Infrastructure Monitoring use cases.
• Implement and Manage Egress and Ingress security controls Network Firewall, WAF, DDoS
• Perform Security training and outreach to internal development tools.
• An advocate for policy of code, security, and automation. Embracing DevSecOps towards all cloud activities
• Design, develop, and implement system, container, and Cloud Security related product features (MUST HAVE)
• Deep understanding of Linux Internals, Containers, and Cloud security that can be efficient at running as On-Prem software or as SaaS on public clouds
• Coordinate features and deliverables across multiple teams to achieve project goals
• Collaborate with cloud operations to establish KPI for different services and own end to end delivery and lifecycle management
• Lead initiatives and projects. Provide technical leadership and mentoring to team members.
• An advocate for policy as a code, security, and automation. 

Requirements

• B.S. or M.S. in Computer Science, Electrical Engineering or related experience.
• At least 12+ years of experience in Information Security including 4+ years of experience in Cloud Security.
• Demonstrated success and influence in the Cloud Security space with relevant experience in one or more of: AD, WAF,  Firewall, Intrusion Prevention, Data Encryption and Compliance needs.
• Hands-on working experience in architecting/operating solutions and security frameworks built on AWS, Azure, or Google Cloud.
• Meaningful experience in high level programming languages (Java, Python, C++, Go).
• Experience defining security policy, technology requirements, and control objectives.
• Experience in logging, monitoring, and responding to detected incidents in the cloud environment.
• Ability to translate compliance requirements into technical controls.
• Strong working experience in protecting databases, networks, and compute security controls including Docker / Kubernetes architecture and security configuration.
• Deep understanding of Cloud Security fundamentals (Cloud networks and Cloud-based Systems), including cryptography and the shared responsibility model
• Expert knowledge of secure infrastructure architectures, application architectures, encryption, Cloud Security and broader security technologies.
• An interest and desire to stay abreast of emerging security threats, vulnerabilities, and controls.
• Experience in implementing Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platforms (CWPP) is a plus
• Experience working in a regulated environment (SOC, ISO, PCI, DSS, HIPAA, etc.)
• Hands-on development experience using Cryptography algorithms, API / User Authentication, and authorization design and implementations
• Strong cloud backend development experience in one or more of: Java, Golang, C++
• REST API and GRPC-based application development.
• Deep understanding of Cloud Security (Cloud networks and Cloud-based Systems)
• Motivated to solve complex problems and challenges. 
• Distributed systems design and development is plus
• Strong analytical and problem-solving skills