threat modeling (regular)
Cloud pentesting (regular)
We’re looking for a hands-on Cloud Security Engineer to join our growing Cloud Security team.
The opportunity :
As a Cloud Security Engineer at Egnyte, you will have a profound impact on our security operations. Based on your in-depth understanding of cloud security, you will support Egnyte’s NetOps, CloudOps, SRE, and Production Engineering teams in building a secure infrastructure for our product following the industry’s best practices.
You’ll also implement a highly automated approach to monitoring and detecting incidents, as well as responding to them timely and effectively.
You’ll be able to apply your skills to interesting challenges joining Egnyte is an opportunity to work with diverse technologies and large-scale software (1 million users, 20k transactions per second, 28 Petabytes of data).
An ideal candidate is a great problem solver with experience in systems design, architecture, and compliance. To excel at this role, you need to be passionate about DevSecOps, as it’s something we’re genuinely committed to at Egnyte.
Working in this role, you will have a chance to develop security-oriented tools and processes from conception to completion and foster a culture of security.
Your day-to-day at Egnyte :
Being in charge of security tools used to secure Egnyte’s multi-cloud environments
Automating infrastructure security practices
Work with the rest of the Security Data Governance & Compliance team to ensure you achieve team objectives
Designing and building scalable IAM infrastructure, enabling others to take advantage of fine-grained access controls at low cost
Advising on key security capabilities concerning key management and encryption, including best practices around auditing, and governance
Enhancing our incident response capabilities
Recommending solutions for improving Egnyte’s security operations (network, identity and access, identity management, infrastructure)
Sharing your experience with junior engineers to foster a culture of excellence
What skills are we looking for?
2+ years of experience handling critical production incidents
3+ years of experience with Linux system administration
2+ years of experience working in a Cloud environment, preferably GCP
Experience with distributed systems, networking, hardware, logistics and operations, or capacity
Experience with at least one scripting language of your choice
Ability to synthesize information from different sources to create clear and concise technical documents explaining the background and procedures for detecting and mitigating risks
Strong background with CI / CD pipelines and security-related tooling
Excellent communication skills, and being happy to collaborate with others, providing guidance and mentoring where needed
Experience with containerized workloads
Ability to write and deploy your own tools and automation (preferably in Python)
Good command of English that allows you to effectively communicate and perform your tasks (B2 / C1+)
Bonus Points :
Experience with ISO 27001, SOC2, HIPAA, FedRAMP standards
Experience working with Elastic Stack, Prometheus, Grafana, Lacework, Prisma Cloud, or similar
Practical experience implementing Zero Trust Networking mechanisms across cloud infrastructure
Expertise in cloud automation tools such as Terraform, Puppet, Ansible, etc.