Security Engineer - DevOps

Our Company

Teradata empowers companies to achieve high-impact business outcomes through analytics. With a powerful combination of Industry expertise and leading hybrid Cloud technologies for data warehousing and big data analytics, Teradata unleashes the potential of great companies.  Partnering with top companies around the world, Teradata helps improve customer experience, mitigate risk, drive product innovation, achieve operational excellence, transform finance, and optimize assets. Teradata is recognized by media and industry analysts as a future-focused company for its technological excellence, sustainability, ethics, and business value. 

The Teradata culture isn’t just about one kind of person. So many individuals make up who we are, making us that much more unique. It’s what sets apart the dynamic, diverse and collaborative environment that is Teradata. But even as individuals, there’s one thing that we all share —our united goal of making Teradata and our people, the best we can be.

Our Team

The Product Security team is an integral part of Teradata Global Security and closely partners with Cloud and IT Operations teams to secure Teradata and our customers. We evangelize security at every stage of operations and work closely with SREs to ensure applications are secure from deployment through deprecation. Our expertise lies in deep technical understanding of security and are security architects within Teradata and the wider security community. The Product Security team is tasked with building advanced security tools and methods for automating security.

Your Opportunity

The Product Security team is looking for a security engineer who is a passionate about helping the company secure our Cloud and On-Premises platforms. The Security Engineer will work to develop and deploy infrastructure-as-code into our Cloud and On-Premises platforms in support of the vulnerability management program. We are looking for someone who is passionate about DevOps to lead a small team of security engineers to automate and operate the vulnerability management program. The ideal is a candidate is Security DevOps subject matter expert and has exceptional communication skills. If you evangelize security automation and love to share your knowledge with others, this position is for you.

Primary Job Responsibilities:

• Lead a team of like-minded individuals to secure Teradata’s Cloud and on-prem infrastructure
• Contribute to architecture decisions to ensure a consistent approach to DevOps
• Develop Cloud infrastructure automation to service vulnerability management requirements
• Develop metrics to track highest security risks, and drive issues to closure
• Collaborate with software developers to integrate vulnerability scanners into CI/CD pipelines
• Interpret vulnerability scan results, penetration test results and describe issues and fixes to non-security experts
• Provide vulnerability remediation guidance and mentoring to product development software engineers
• Evaluation of new technologies, tools, and/or techniques that impact security
• Review, analyze, and evaluate both internally developed software and vendor products and procedures to address security requirements
• Identify and automate security processes and practices
• Write and deploy Docker applications
• Deliver security metrics to development teams
• Be a leader in security by researching ways to scale security and presenting at internal and external events.
• Train developers in various aspects of security to include secure coding, security requirements, static/dynamic security tools, etc.

Qualifications

Primary Job Skills:

• Work as part of a team
• 5+ years’ relevant experience in cybersecurity and vulnerability management
• Industry certifications or training and experience, e.g., CISSP, CCSP or relevant GIAC certifications preferred
• Excellent written and verbal communication skills
• Ability to communicate effectively with business representatives in explaining security topics clearly and where necessary, in layman's terms
• General understanding of and passion for computer, Web, and network security
• Familiarity with Docker and Kubernetes
• Familiarity with AWS, Azure, and/or Google Cloud
• Ability to automate tasks using a scripting language (Python, Ruby, etc).
• The ideal candidate is proficient in a programming language, e.g., Golang, Java, Python, C, C++, C#, Objective C, etc.
• Ability to quickly learn a programming language
• Deep understanding of HTTP and SSL/TLS protocols, and Web applications
• Knowledge of networking fundamentals (all OSI layers)
• Proficiency in Linux administration
• Understanding of continuous integration / continuous deployment processes and tools
• MS/BS degree in Electrical Engineering, Computer Science, Information Technology, or related field, or comparable experience

Location: San Diego, CA