Senior Cloud Security Engineer (DevSecOps)
At Palo Alto Networks®, everything starts and ends with our mission:
Being the cybersecurity partner of choice, protecting our digital way of life.
We have the vision of a world where each day is safer and more secure than the one before. These aren’t easy goals to accomplish – but we’re not here for easy. We’re here for better. We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are.
The Senior DevSecOps Engineer will be responsible for the design and development of innovative security solutions for protecting data deployed into the cloud. Develop and sustain the security vision and strategy around cloud-based applications, across all cloud deployments (Infrastructure, Platform, and Software), leveraging Palo Alto Networks products where applicable. This will be a role will be both hands-on technical role and requires direct communications with cross-functional teams in Product Management, Development, and DevOps/SRE.
- 3+ years of hands-on experience in Cloud Security, preferably in the delivery of large-scale, multi-tenant enterprise Cloud Platforms
- Hands-on experience using cloud computing, networking, storage, and database services in AWS and/or GCP
- S-SDLC - pre-commit/pre-receive hooks, dependency scanning, SAST, vulnerability scanning, DAST to identify security issues such as OWASP. Driving a shift-left mentality with development teams
- Have hands-on experience with tools and technologies used throughout secure SDLC (e.g., Burp Suite, Fortify/Checkmarx/Veracode, WhiteSource/Blackduck)
- Experience working with Development, Product, and DevOps/SRE teams in compliance efforts
- DevOps container/orchestration tools (Kubernetes, Docker, Puppet, Jenkins, Ansible, Terraform or comparable technologies)
- Work with an understanding of the basic cloud security principles that drive cloud architectural decisions
- Integration, Design, Architecture of AWS or GCP services into other Security Platforms (IAM, SAML, OAuth, Okta, Ping Identity)
- Microservice architecture expertise and best practices in securing microservices across multi-cloud environments
- Solid experience and background working with AWS and GCP services (EC2, VPC, ELB, S3, GCS, GBQ, CloudFormation, RDS, Lambda, SNS, etc.)
- Expertise in application development frameworks, build systems and ability to integrate tools into the CI infrastructure
- Experience with continuous integration tools such as Gitlab CI, Jenkins and build tools like Maven, CMake or comparable
- Familiarity with SAST, DAST, IAST, RASP and/or OSS scanning tools
- Authoritative understanding of common software and web application security vulnerabilities
- Knowledge of crypto primitives, authentication protocols and authorization standards (Eg SSL/TLS, SAML, OAuth, JWT tokens)
- Effective written and oral communication with multiple levels of leadership involving both the business and technical sides of the business
- Experience in software security testing, methodologies, and frameworks
- Contributions to open-source tools, particularly security tools a plus
We’re not your ordinary Information Security team. We’re a diverse group of security professionals that accepts challenging the status quo in order to protect Palo Alto Networks and our customers.
Driving innovation on the Information Security team of the fastest-growing high-tech cybersecurity company is a once in a lifetime opportunity. You’ll be joined by the brightest minds in technology, and our global teams are on the front line of defense against cyberattacks.
We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.
We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at firstname.lastname@example.org.
Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.