Staff Cloud Application Security Engineer

Location: San Diego, California US

Apply

Requisition Number: 203409

Position Title: Engineer (III)

External Description:

Are you a problem solver? Does the prospect of solving the world’s toughest problems with data and analytics in the cloud excite you? Would you like to work side-by-side with the brightest analytical and engineering minds in the industry to help organizations innovate and solve their big data needs with cloud based solutions? If yes, you belong here as part of the Teradata Cloud Security team.

With all the investments being made in analytics, it’s time to stop buying into partial solutions that overpromise and underdeliver. It’s time to invest in answers. Only Teradata leverages all of the data, all of the time, so that customers can analyze anything, deploy anywhere, and deliver analytics that matter most to them. And we do it at scale, on-premises, in the Cloud, or anywhere in between.

We call this Pervasive Data Intelligence. It’s the answer to the complexity, cost, and inadequacy of today’s analytics. And it's the way Teradata transforms how businesses work and people live through the power of data throughout the world. Join us and help create the era of Pervasive Data Intelligence.

Summary Description:
The Staff Cloud Application Security Engineer will be responsible for the security of our Cloud services at every phase of the software development life-cycle, working closely with architects, engineers, and devops teams to ensure applications are secure from architecture through operations. An ideal candidate will have a demonstrated ability to articulate security requirements and best practices to key stakeholders, is detail oriented and able to operate effectively under pressure.

This role will lead the security reviews and design of cutting-edge scalable and high performing managed cloud services and ensure our customers’ data are appropriately protected and monitored and to identify potential security issues. We are looking for candidates who are passionate about security, automation and love the challenge of working in highly distributed and dynamic Hybrid Cloud environment.

Key Responsibilities:
• You are responsible for secure architecture and design for managed software services
• Lead threat model reviews with application and infrastructure engineering teams to identify application threats & vulnerabilities and recommend mitigation strategies
• Partner with product management, engineering and operational teams to develop best of breed security architectures supporting compliance (e.g. PCI DSS, ISO 27001, HIPAA), customer requirements and operational SLAs of our hybrid cloud offerings.
• Provide practical guidance to engineering teams to support the implementation of security controls, guidelines, recommendations and best practices
• Develop and implement Secure Development Lifecycle (SDL) processes and standards
• Assist teams in identifying mitigation approaches for of vulnerability and static/dynamic scan results
• Work with DevOps engineers to integrate static and dynamic analysis security tools into CI/CD pipelines
• Interpret security tools and penetration testing results and describe issues and fixes to developers
• Provide vulnerability remediation guidance and mentoring to product development software engineers
• Build metrics to track security review risks and automate management of security information to drive down security risks
• Provide security requirements and guidelines for the Cloud organization to protect critical customer assets and data
• Review, analyze, and evaluate both internally developed software and vendor products and procedures to address security requirements


Skills and Attributes:
• Proven track record designing, documenting and successfully deploying multi-layer security architectures on private and public cloud
• Experience with AWS, Microsoft Azure and/or GCP security models
• Experience delivering security architectures meeting security best practices and standards
• Strong understanding of SDLC and Secure Development Lifecycle (SDL) including performing Security risk reviews, threat modeling, and risk assessments
• Experience designing and implementing API Security and Access Controls (OAuth/SAML, Web SSO, AWS IAM, Federation)
• Candidates must be able to explain vulnerabilities and weaknesses in the OWASP Top 10, CWE 25 to any audience, and discuss effective defensive techniques.
• Deep understanding of HTTP and SSL/TLS protocols and Web applications
• Knowledge of Windows and Linux operating systems; Docker and Kubernetes
• Familiarity with dynamic and static analysis tools
• Understanding of continuous integration / continuous deployment processes and tools
• Ability to interpret dynamic/static analysis tools, and penetration test results and describe issues and fixes to non-security experts
• Must be a self-starter and able to work well with others in a fast-paced agile environment with an emphasis on collaborating and assisting teams to meet business objectives

Skills and Experience
• 10 years of information technology experience
• 5+ years in a Security Engineering role
• 2+ years in a role requiring technical knowledge of current cloud security models & technologies with both AWS and Azure.
• Excellent verbal and written communication and presentation skills
• Attention to detail, ability to multi-task and maintain composure when under pressure
Basic Qualifications:
• Experience with security and privacy controls deployed in large enterprise cloud environments
• Ability to clearly communicate information security concepts and complex technical topics to a wide audience of both technical and non-technical personnel
• Execution oriented with an ability to manage multiple projects simultaneously with a focus on outcomes driving impact
• Bachelors degree in information security/systems or related experience preferred but not required
• CCSP, CCSK, AWS Certified Solutions architect or equivalent certifications are highly desired.

*Our total compensation approach includes a competitive base salary, 401(k), strong work/family programs, and medical, dental and disability coverage.

Teradata is an Equal Opportunity/Affirmative Action Employer and commits to hiring returning veterans.

CountryEEOText_Description: Teradata is an Equal Opportunity/Affirmative Action Employer and commits to hiring returning veterans.

City: San Diego

State: California

Community / Marketing Title: Staff Cloud Application Security Engineer

Job Category: Engineering

Company Profile:

With all the investments made in analytics, it’s time to stop buying into partial solutions that overpromise and underdeliver. It’s time to invest in answers. Only Teradata leverages all of the data, all of the time, so that customers can analyze anything, deploy anywhere, and deliver analytics that matter most to them. And we do it at scale, on-premises, in the Cloud, or anywhere in between.

We call this Pervasive Data Intelligence. It’s the answer to the complexity, cost, and inadequacy of today’s analytics. And it's the way Teradata transforms how businesses work and people live through the power of data throughout the world. Join us and help create the era of Pervasive Data Intelligence.

Location_formattedLocationLong: San Diego, California US

.

© 2018, Teradata. All rights reserved. | Privacy | Terms of Use | Fraud Alert | Tracking Consent | Teradata is an Equal Opportunity Employer | www.teradata.com