Senior Security Architect

Responsibilities

• Identify, suggest, and implement security improvements to Incode’s current operations and infrastructure. 
• Evaluate new solutions and tools in AWS, Azure, and other clouds, and develop security frameworks that enable Incode to introduce these technologies in a secure manner. 
• Continuously implement the latest cloud security standards and build supporting documentation and reference architectures for technical and non-technical audiences.
• Drive cloud security strategy and roadmap.
• Learn continuously to maintain and broaden cloud security architecture expertise
• Continuous monitoring of security and infrastructure alerts, investigation of root causes, documentation of the findings. 
• Assist with strategies for migration to Kubernetes.
• Implement alerts for infrastructure monitoring, access attempts, and changes to configurations that deviate from established baselines.
• Design cloud-native architectures to meet business and security requirements, while appropriately managing risk.
• Collaborate in the implementation and improvement of continuous integration, testing (including security), delivery, and deployment pipelines.
• Provide responses to security questionnaires, audits, and other security related questions.
• Work closely with Product, DevOps, IT Compliance, and other areas to ensure security and privacy requirements are met in the development of the product and in the deployment of infrastructure that supports the product. 

Requirements

• Experience working in an Agile/Scrum Environment 
• Specialist in AWS Cloud computing technologies, including 5 years of experience with infrastructure AWS services like VPC, subnets, route tables, EC2 instances, ECS with EC2 and Fargate, ELB (Application, Network and Classic), Cloudwatch, Systems Manager, VPN, Transit Gateway, CloudFront, API Gateway. 
• Demonstrated experience with AWS Security Services (AWS Shield, AWS Trusted Advisor, Macie, IAM, AWS WAF, CloudTrail).
• Knowledge of AWS Security services: IAM, Secrets Manager, GuardDuty, Inspector, Macie, Certificate Manager, KMS, WAF & Shield, Firewall Manager, Audit Manager, Detective, Artifact, Cognito.
• Knowledge of AWS Well Architected Framework and Cloud migration industry best practices.
• Technical writing skills for documenting environments and operating procedures.
• Extensive experience with industry compliance and security standards including PCI DSS, SOC2, ISO 27001, NIST 800-53.
• Experience working with containers and related technologies: Docker, Kubernetes, ECS, EKS.
• Linux and Windows administration experience.
• Experience with DevOps and DevSecOps.
• Experience with continuous security practices, including threat modeling, threat and vulnerability management, secure coding practices, and automated penetration testing.
• Experience with security solutions such as WAF, IPS, and anti-DDOS systems.
• Extensive experience with IT Compliance and risk management requirements.
• Experience with network security platforms.
• Extensive experience with encryption in-transit and at-rest practices, as well as certificate and secrets management, security event & incident management (SIEM) platforms.
• Extensive experience with infrastructure automation, infrastructure as code, automated application deployment, monitoring/telemetry, logging, reporting, and continuous delivery technologies. 
• Infrastructure as code relating to these technologies: AWS-CLI with scripting, Bash, Python, CloudFormation, Terraform. 
• Experience performing security assessments.
• Extensive implementation experience with enterprise security solutions, privilege management, identity management and federation systems.
• Experience with continuous integration, continuous deployment, continuous testing as well as experience with tools like AWS CodeDeploy , CodePipeline, CircleCI, Jenkins, GitHub, DockerHub. 


• Preferred Experience and Certification: 
• Experience as a thought leader to a talented group of engineers
• CISSP, CISA, CISM, IS027001 LA/LI, SANS (or equivalent experience)
• AWS Certified Solutions Architect – Associate (or equivalent experience)
• AWS Certified Solutions Architect – Professional (or equivalent experience)
• AWS Security – Specialty (or equivalent experience) 

Benefits & Perks

• Meaningful Equity
• Flexible Working Hours & Workplace
• Open Vacation Policy
• Wellness Program
• International Travel Opportunities
• Additional benefit package according to location (401k, medical insurance, etc.)

8 Aspects of our Culture:

• Values are what we value
• High performance
• Freedom & responsibility
• Context, not control
• Highly aligned, loosely coupled
• Continuous Feedback
• Pay Top of Market
• Promotions & Development
• Learn more about Life at Incode!