Staff Cloud Security Operations Administrator

Security and Compliance Seattle, Washington Durham, North Carolina

Job Summary

Avalara Security is seeking an experienced professional who is passionate about information
security to build and lead our Cloud Security Operations team.
The Staff Cloud Security Operations Administrator will build and mentor a team that exclusively
uses code to mature existing and emerging security programs and processes in our cloud
environments. You will be responsible for providing leadership and guidance to apply real-world
mitigation steps to identified information risks.
The successful candidate for this role is versed in at least one programing or scripting
languages will have a proven history of using automation to manage risk in cloud environments.
A thorough understanding of security architectures and experience deploying complex
enterprise solutions will be valuable experience for the right candidate.

Job Duties

  • Work closely with Cloud Security Engineering and DevSecOp teams to create and implement security processes and solutions into Avalara cloud environments
  • Work with security teams to deploy infrastructure into cloud environments
  • Produce metrics and reports on cloud security posture
  • Produce actionable cloud security alerts in SIEM
  • Support WAF deployment and tuning in multiple cloud environments
  • Develop and write SOPs and runbooks
  • Lead efforts to mature cloud security related operational processes and controls through
  • automation
  • Assist in performing security assessments and audits
  • Provide mentorship to cloud security operations team members
  • Provide level 3 cloud security operation support
  • Serve as cloud security subject matter expert in incident response

  • Minimum 12 years of progressive security experience in an operational environment
  • Minimum 5 years experience in cloud environments (AWS, Azure, GCP)
  • Minimum 5 years experience working in security roles
  • Bachelors Degree in Information Systems, or Information Security related studies
  • CISSP, CISA, or CISM certifications
  • Experience integrating cloud services into SIEMs
  • Experience and strong technical knowledge with Infrastructure as Code (IAC)
  • Experience and strong technical knowledge with container environments
  • Experience and strong technical knowledge with cloud native and serverless
  • applications
  • Knowledge of common security technologies
  • Experience working with WAF technology
  • Current understanding of Industry trends and emerging threats
  • Experience delivering reporting and SLA management

Preferred Qualifications
  • An understanding of SSAE18 SOC 2, PCI-DSS, NIST, and ISO 27000 standards, plus
  • related assessment methodologies is highly desired
  • Experience with a variety of cloud providers such as AWS or Azure, and how to properly
  • design secure architectures
  • Experience managing Public Key Infrastructure (PKI) or other certificate related services

Avalara is an Equal Opportunity Employer. All qualified candidates will receive consideration for employment without regard to race, color, creed, religion, age, gender, national orientation, disability, sexual orientation, US Veteran status, or any other factor protected by law.